Extracted

• • Target

    352f6bd215c783f192d678d3add9eabde7799c940dc57680bdfb76de816e86bd

  • Size

    291KB

  • MD5

    1c4bc43d1107f8a444cc8e1fbdc4c83d

  • SHA1

    2a989ad45ded9162325f2199c5d276480d8974a5

  • SHA256

    352f6bd215c783f192d678d3add9eabde7799c940dc57680bdfb76de816e86bd

  • SHA512

    1023bca52d391bf7659ae0f2ecec97da04c740f2e093b554833b7c27b528991db7a2ee1d90733e008bca8f6e2810e7ad9d3551a33a365b2ba0cbfd085ed2299b

  • SSDEEP

    3072:TUgdIekVl4c4nS1Ph1EwnT8Dm7bjasogNn5tOB5WlLVdE5PUiLi:TUgdI9mc4ni1Ewn4C78gN5tOalLV2f

  Score

  10^/10

  stealcdiscoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2