Extracted

• • Target

    a5eccf0a2d01ec867d09762599e89cabd9e3b36d1889a16cee4030f5e50bc3ad

  • Size

    211KB

  • MD5

    f971c225bcba57477847dd6cc1054f2e

  • SHA1

    137f0ea369467077bc37742127d59f43ddfaf073

  • SHA256

    a5eccf0a2d01ec867d09762599e89cabd9e3b36d1889a16cee4030f5e50bc3ad

  • SHA512

    fbe33cd151d571ec93acefd7b01732e8f8ceb97f64617810acfecc3cfdc7612392a3e75b1763545a6803329ad57637d6d3e6256b9802a4c517052ce941259e25

  • SSDEEP

    3072:QsaStQHloAGgMyY2Z6+5sAwfUbYIfa5m1HLwJZbluX/yxEucBGQe:uL2vgE9m/a5m1H8luPuX

  Score

  10^/10

  stealcdefault11discoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2