Extracted

• • Target

    302d75021805ebab82635df02fc3aab42b5d19cda139aea37171296d7213bfee

  • Size

    229KB

  • MD5

    7f29eb67af079a0e79875ee876b58201

  • SHA1

    05a52e53ca7f556b6226990aea77d0dd7fb32374

  • SHA256

    302d75021805ebab82635df02fc3aab42b5d19cda139aea37171296d7213bfee

  • SHA512

    f34de0616b1628ee8ad6e98d9b01f2dc4402378ce6311e85c82d93d4caab4b433fc99bd4876b1d57263d82d4668f216734262c4b0edd308540cf8c0d9753b90e

  • SSDEEP

    3072:I0WWOaA3tTXQASvoU1+GU5eWYbD2/kf8bTLgVQp2LWMLP/tQhZNlsnhdWnB6B8ex:ZSt8Z1ZPsqVQwP2hBshonoB8eQj/

  Score

  10^/10

  stealcdefault11discoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2