Extracted

• • Target

    3295c7007844215c64b9b2cdcd9cdbf3547265b90f759a6ecf317e88735d5fd2

  • Size

    231KB

  • MD5

    03bd785a3bde97195324c1c6b1b0d806

  • SHA1

    a7ccfd637373d7385251eb9b826b3bc9fc1e43dc

  • SHA256

    3295c7007844215c64b9b2cdcd9cdbf3547265b90f759a6ecf317e88735d5fd2

  • SHA512

    73009db5fe604232ed00d717f28f5dac9a796431a579a725cfdaa79f1d9676954b7ca556f19221362b2b9ed54e5022d49dbd3fe26505fa240740c9e84824a1b3

  • SSDEEP

    3072:kU6PGZZArvsOGP58Q6W+imc2uXrkkhRMGRJRVa17tg20zDe5:uAvO+R6WFXbRxRJRzRzD

  Score

  10^/10

  stealcdiscoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2