stealc | 2a95da6136e35a81cbd596c909286255c36b42ea23288ac39bf7e5777f3c26ce | Triage

Sharing

General

Target

2a95da6136e35a81cbd596c909286255c36b42ea23288.exe
Size

312KB
Sample

240428-lerkxach2w
MD5

fe1fa198626701a72893c05b5e3c7d0c
SHA1

830e5b629fec1cc2a532f6fe733efb1190c9cde5
SHA256

2a95da6136e35a81cbd596c909286255c36b42ea23288ac39bf7e5777f3c26ce
SHA512

34806c5779ceeb207df9253c5bd59b89bccb89c6ec1e09ad45d39588d5463c736169afee3ba499a6e44df47b8ee265c7be71eb274e6522ce5d4bd5a7ce976c96
SSDEEP

3072:gF1QsEr0pvCuuf1WzaLjh+U0+8N8r760loh7ofE0Fwdn+TGS8fKMr4UHEIFeI7Ir:MmoE4ho76zhU5wR+Tlft8EIFe1d

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.62

Attributes

url_path
/902e53a07830e030.php

Targets

- Target
  
  2a95da6136e35a81cbd596c909286255c36b42ea23288.exe
- Size
  
  312KB
- MD5
  
  fe1fa198626701a72893c05b5e3c7d0c
- SHA1
  
  830e5b629fec1cc2a532f6fe733efb1190c9cde5
- SHA256
  
  2a95da6136e35a81cbd596c909286255c36b42ea23288ac39bf7e5777f3c26ce
- SHA512
  
  34806c5779ceeb207df9253c5bd59b89bccb89c6ec1e09ad45d39588d5463c736169afee3ba499a6e44df47b8ee265c7be71eb274e6522ce5d4bd5a7ce976c96
- SSDEEP
  
  3072:gF1QsEr0pvCuuf1WzaLjh+U0+8N8r760loh7ofE0Fwdn+TGS8fKMr4UHEIFeI7Ir:MmoE4ho76zhU5wR+Tlft8EIFe1d
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer