stealc | 5b29e4998c31983a505873b082755d1d375192dfe5bb2f9bb92aeb05e01b7660 | Triage

Submit
Reports

Overview

overview

Static

static

fe4ca7d7b7...c1.exe

windows11-21h2-x64

8

Resubmissions

23-05-2024 04:34

240523-e7hedaea69 10

23-05-2024 04:27

240523-e26vsadh42 10

Sharing

General

Target

stealc.zip
Size

106KB
Sample

240523-e26vsadh42
MD5

3692aa0c319544910a6dff28f110dc8f
SHA1

79492dcff0fa673137732eed078ee54a1493fd8d
SHA256

5b29e4998c31983a505873b082755d1d375192dfe5bb2f9bb92aeb05e01b7660
SHA512

109e2411193bc05b42bae65d6546c13c34c7a049fa2f624301ecb9e18d172356c62575fa5924d5164f9fd6b23328da69caf5b29888aa1a236b31316240f7ff5e
SSDEEP

3072:5neLUg6lR3b0DiVWg9II+K44D7a/alSy85gxoqFpj:5neLUb3bt5Tn7a/alSyfyspj

Score

10^/10

stealc vidar discovery spyware stealer

Static task

static1

stealer vidar stealc

4 signatures

Behavioral task

behavioral1

Sample

fe4ca7d7b713dd306597e33a8dd686706843542911fea4ef54941857b10219c1.exe

Resource

win11-20240508-en

discovery spyware stealer

windows11-21h2-x64

14 signatures

300 seconds

Malware Config

Extracted

Family

stealc

rc4.plain

Targets

- Target
  
  fe4ca7d7b713dd306597e33a8dd686706843542911fea4ef54941857b10219c1
- Size
  
  2.3MB
- MD5
  
  f9076703321c6e3e292f0955d3e56dbd
- SHA1
  
  a199a764dfd00c768d5a26f8250b0d5cb24df9c1
- SHA256
  
  fe4ca7d7b713dd306597e33a8dd686706843542911fea4ef54941857b10219c1
- SHA512
  
  432ebb7ecef50e4ae6ca98a9b3e3f36b6d1879db20cd67cce1e1e588e0a43d7331d0f31118cbb49ab2ca74f527dd4e6c26216043be9657b1c46cd0dd3a07d1bc
- SSDEEP
  
  3072:0f8nGHElvZZT+4qXcHvuefUbgtvfYtgJErjCBUvkUT/HTNN:08nFlvCxBX2XYKujUALrTNN
Score

8^/10

discovery spyware stealer
- Downloads MZ/PE file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

stealervidarstealc

behavioral1

discoveryspywarestealer

© 2018-2024

Terms | Privacy