stealc | 0404556be24578fac28128825388236d6bf93bfe58c21aabaf7f5a8c92a66aa1 | Triage

Sharing

General

Target

0404556be24578fac28128825388236d6bf93bfe58c21aabaf7f5a8c92a66aa1
Size

312KB
Sample

240428-wwjazade87
MD5

afaa459466d793e35de7cda402ddc8c7
SHA1

5d949a34f1d946ad556fa50ab93f36a817f5a867
SHA256

0404556be24578fac28128825388236d6bf93bfe58c21aabaf7f5a8c92a66aa1
SHA512

7ed39c4a099f6110a9aa6433e83bf3b1c053a5ea16c66cc84e7b993730be6f57fe4a8730348a4e45cf3bd390d48e92416d77054db82cca607b5742c4f7bb757a
SSDEEP

6144:OOUPx7YkrkRNaq7uae2X3bvmpGEWFE+ZBd:OJPJYEkRhRrRd

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.76

Attributes

url_path
/8681490a59ad0e34.php

Targets

- Target
  
  0404556be24578fac28128825388236d6bf93bfe58c21aabaf7f5a8c92a66aa1
- Size
  
  312KB
- MD5
  
  afaa459466d793e35de7cda402ddc8c7
- SHA1
  
  5d949a34f1d946ad556fa50ab93f36a817f5a867
- SHA256
  
  0404556be24578fac28128825388236d6bf93bfe58c21aabaf7f5a8c92a66aa1
- SHA512
  
  7ed39c4a099f6110a9aa6433e83bf3b1c053a5ea16c66cc84e7b993730be6f57fe4a8730348a4e45cf3bd390d48e92416d77054db82cca607b5742c4f7bb757a
- SSDEEP
  
  6144:OOUPx7YkrkRNaq7uae2X3bvmpGEWFE+ZBd:OJPJYEkRhRrRd
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer