stealc | 31c7097c21baf60d131301217e0c91c92fdccf0aa3da9c30bb1adc4f89892bdc | Triage

Sharing

General

Target

tmp
Size

307KB
Sample

240428-ncjtdsed55
MD5

4c6a7cec00bcfd3ac8568ab6d1b07c3d
SHA1

8ce47c4e0be73ac554cae1e7d2f90fa0119f5243
SHA256

31c7097c21baf60d131301217e0c91c92fdccf0aa3da9c30bb1adc4f89892bdc
SHA512

e260e572b27ba715a26616f814575c194a21f43d44c355cfa559f19b876785aebabbf32bcf1fae08c847a115fcacd2a7b5ed527b480e6951588b65cb2dd0aa6c
SSDEEP

6144:Qp8OaLzaFlWdxp4+Ve6Rk/XCBXiAB4rECl1YON:W8OEaF4zpx9RuU5oRN

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.62

Attributes

url_path
/902e53a07830e030.php

Targets

- Target
  
  tmp
- Size
  
  307KB
- MD5
  
  4c6a7cec00bcfd3ac8568ab6d1b07c3d
- SHA1
  
  8ce47c4e0be73ac554cae1e7d2f90fa0119f5243
- SHA256
  
  31c7097c21baf60d131301217e0c91c92fdccf0aa3da9c30bb1adc4f89892bdc
- SHA512
  
  e260e572b27ba715a26616f814575c194a21f43d44c355cfa559f19b876785aebabbf32bcf1fae08c847a115fcacd2a7b5ed527b480e6951588b65cb2dd0aa6c
- SSDEEP
  
  6144:Qp8OaLzaFlWdxp4+Ve6Rk/XCBXiAB4rECl1YON:W8OEaF4zpx9RuU5oRN
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer