Extracted

• • Target

    f05f66909f30cb421f36707aaa7c5700b5fb33a5b2f3efe7ac3d78675a5540b1

  • Size

    208KB

  • MD5

    4ebca625b4417c345a08125da5633938

  • SHA1

    839ecbb46e623b3d0b829579e96c216b41af2dc3

  • SHA256

    f05f66909f30cb421f36707aaa7c5700b5fb33a5b2f3efe7ac3d78675a5540b1

  • SHA512

    03eb6cb478e584e6618b5bc5b32135dd01bdc1214f8325d97148db688a32ea03f3e9e2b3e41d4876dd4617479cf03f725521c7ef4a2c9d3a50fd3ac4f47db84b

  • SSDEEP

    3072:Db+7Qr3z+trZesbNMST4nkFaSYrRYN5rPKE+agR5C:3Jj+rZd5Mw4koSYrRYzRdg

  Score

  10^/10

  stealcdefault11discoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2