Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f1e0f94c9805a2b0cd67ce3ba191200aa9215bd0d2d268c3226d143705205273

  • Size

    364KB

  • Sample

    240508-xx766aag7t

  • MD5

    4509681ced83b53da9d682fa1f60cd93

  • SHA1

    c15d7d09fef5a6b79a1b033e0686b02052363f7b

  • SHA256

    f1e0f94c9805a2b0cd67ce3ba191200aa9215bd0d2d268c3226d143705205273

  • SHA512

    227e0e265f70eb2a108e1fcad32366c32bd61391fc0174e15f076864cd330a423667baa54e8d0a1a748eaa33af3ae80d4ce53a0f62721dd4a842f7a29e143cba

  • SSDEEP

    6144:US0t5FW7l8UYZb1jNb41/6vpo+kveaeldhFeyf8rSYMOLcPZuBkT7YKkUT3fgI:US0nY7+5ao6DmlLhFerrSYMOEZuBkPTd

Score
10/10
stealczgratratstealer

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.150

Attributes
  • url_path

    /c698e1bc8a2f5e6d.php

Targets

    • Target

      f1e0f94c9805a2b0cd67ce3ba191200aa9215bd0d2d268c3226d143705205273

    • Size

      364KB

    • MD5

      4509681ced83b53da9d682fa1f60cd93

    • SHA1

      c15d7d09fef5a6b79a1b033e0686b02052363f7b

    • SHA256

      f1e0f94c9805a2b0cd67ce3ba191200aa9215bd0d2d268c3226d143705205273

    • SHA512

      227e0e265f70eb2a108e1fcad32366c32bd61391fc0174e15f076864cd330a423667baa54e8d0a1a748eaa33af3ae80d4ce53a0f62721dd4a842f7a29e143cba

    • SSDEEP

      6144:US0t5FW7l8UYZb1jNb41/6vpo+kveaeldhFeyf8rSYMOLcPZuBkT7YKkUT3fgI:US0nY7+5ao6DmlLhFerrSYMOEZuBkPTd

    Score
    10/10
    stealczgratratstealer

    • Detect ZGRat V1

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Downloads MZ/PE file

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks