stealc | a2fd8a297495243eb602d0cc696445e264ae83b2896f35e1b7cf2232337fd6a9 | Triage

Sharing

General

Target

39351fae1fa6e6227941ebc2b7a7fc75.exe
Size

311KB
Sample

240428-eynj2afh98
MD5

39351fae1fa6e6227941ebc2b7a7fc75
SHA1

352bd5b4f4373546dfe9576dbd02b158589dbd0a
SHA256

a2fd8a297495243eb602d0cc696445e264ae83b2896f35e1b7cf2232337fd6a9
SHA512

04c17b9e4417a9cc61df2841efbedbb4c9ba9f3c0e165e1d3c75643bb265135a41c83c19278da0d11fa0547af29e1da1162d0904f2cb2cf89a18f7354a6640dc
SSDEEP

3072:R1GwGnDTpebsP2X/Z+UzcZsV7ztLksKuPDthTDuDN2gwnMwWF9YX2kkZ7ODE:Qw4c2s9zasKYaR2gSM1KGJODE

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.76

Attributes

url_path
/8681490a59ad0e34.php

Targets

- Target
  
  39351fae1fa6e6227941ebc2b7a7fc75.exe
- Size
  
  311KB
- MD5
  
  39351fae1fa6e6227941ebc2b7a7fc75
- SHA1
  
  352bd5b4f4373546dfe9576dbd02b158589dbd0a
- SHA256
  
  a2fd8a297495243eb602d0cc696445e264ae83b2896f35e1b7cf2232337fd6a9
- SHA512
  
  04c17b9e4417a9cc61df2841efbedbb4c9ba9f3c0e165e1d3c75643bb265135a41c83c19278da0d11fa0547af29e1da1162d0904f2cb2cf89a18f7354a6640dc
- SSDEEP
  
  3072:R1GwGnDTpebsP2X/Z+UzcZsV7ztLksKuPDthTDuDN2gwnMwWF9YX2kkZ7ODE:Qw4c2s9zasKYaR2gSM1KGJODE
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer