Extracted

• • Target

    ca20476eab92bfb30bbd6b7ad2961010.exe

  • Size

    228KB

  • MD5

    ca20476eab92bfb30bbd6b7ad2961010

  • SHA1

    549e27826585706b0a3fbd5ca62fe9cf94360242

  • SHA256

    5913b56762d3253e0d9cefdd62f311f2a1a902f643b4c4cdb0220d1a38a3dbf9

  • SHA512

    1355f0da04dbc5fe79c122793a6ffa720dfb932d07910fb1dc2a728751fb2e4636439c03016f2a9276f838133fd98768a7b6ee086c553d78b75d57c8c7ddd350

  • SSDEEP

    6144:wB5Q/aqNI6aZg0RMrKB0uEdRj4pHLKd1k6cw:kDZgCMrk0u1Q

  Score

  10^/10

  stealcdefault11discoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2