Extracted

• • Target

    f09c622512228d56ad3555f21d6ae45549a8d25847c81385c081e5d6bfd9d813

  • Size

    346KB

  • MD5

    f42bdef761c1ca4496542cdc8024073e

  • SHA1

    5990c707a5bf75f76eb84aedaca381d854c4fbf9

  • SHA256

    f09c622512228d56ad3555f21d6ae45549a8d25847c81385c081e5d6bfd9d813

  • SHA512

    41fa338c987676883c29b9911459a3eb38b4cd21b16da4971945a5accc000d72c5aae4175982a4209526d103b5b3d29b8505346af444677aa8ae605300ce1b1b

  • SSDEEP

    3072:YUmHzT+88mdFtaOA4M/CbZZ4BQj/Gek/ceVCZ5Bte97d9thjun5B7+iqWmqGg1fd:CX+Ix4BQj/8/cWgA97d9fuT7+VhwR

  Score

  10^/10

  stealcdiscoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2