stealc

General

Target

364e800c0cf1962f36e41f8f1a5a1029decb25007c712277275729e299543683
Size

408KB
Sample

240508-2rttssbg4z
MD5

a4dcfaa13e52e432fc8fdca623c6f01e
SHA1

a31d46c6989187943a2ff623c0ce40989dc22739
SHA256

364e800c0cf1962f36e41f8f1a5a1029decb25007c712277275729e299543683
SHA512

ef19c81dfbc921c4e2201f97b3e42895bad3a8783f92ed4d0a69b5e76729115e6b127591041cdd245e9f32db36f0955b12ee4ab1014ac53ab5560ad6aaa5b6bb
SSDEEP

6144:Et/Mq3iBOHmgiOSbXEX1Hj09wKU2mvAJgiBthwUl:LaRilbUX2jS2Bt2Ul

Score

10^/10

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.150

Attributes

url_path
/c698e1bc8a2f5e6d.php

Targets

- Target
  
  364e800c0cf1962f36e41f8f1a5a1029decb25007c712277275729e299543683
- Size
  
  408KB
- MD5
  
  a4dcfaa13e52e432fc8fdca623c6f01e
- SHA1
  
  a31d46c6989187943a2ff623c0ce40989dc22739
- SHA256
  
  364e800c0cf1962f36e41f8f1a5a1029decb25007c712277275729e299543683
- SHA512
  
  ef19c81dfbc921c4e2201f97b3e42895bad3a8783f92ed4d0a69b5e76729115e6b127591041cdd245e9f32db36f0955b12ee4ab1014ac53ab5560ad6aaa5b6bb
- SSDEEP
  
  6144:Et/Mq3iBOHmgiOSbXEX1Hj09wKU2mvAJgiBthwUl:LaRilbUX2jS2Bt2Ul
Score

10^/10

stealc zgrat discovery rat stealer
- Detect ZGRat V1
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

3

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detect ZGRat V1

ZGRat

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2