Extracted

• • Target

    1f8a52d3e379cbcf2c212c7ff11d7d5587713a6f2395ea5f8f6d2246f47d5dca

  • Size

    223KB

  • MD5

    968462eb4428ef7ae9df7c2751de84a8

  • SHA1

    de0aa4533f283e1e74b4cc3a0d5ce8bf47e014e4

  • SHA256

    1f8a52d3e379cbcf2c212c7ff11d7d5587713a6f2395ea5f8f6d2246f47d5dca

  • SHA512

    064d76fb1312ad7074021e0a6355609dff5d869e4dfbc97dbc3337514bc1a8a324da067a8944bf484d5e42b305f724170f03738bb449266c84566f8d2430f818

  • SSDEEP

    3072:P4izjk6QeivBbQx7qN+rZ/TR2b/8pFMCrshxfLcst0c+F7ZHk/4sH+lHUDvAzfLo:PJ4nPmONP4XMIstlcxksUzAGT3Y

  Score

  10^/10

  stealcdefault11discoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2