Extracted

• • Target

    3de722f64d778d94c65cd85525b813a27c685804573cc35bacb8d4e5d9c1333b

  • Size

    218KB

  • MD5

    c97705dff3ab16dca5a94adbee23e579

  • SHA1

    b82fd32843ae7b39be14b6d57d559d89fed38477

  • SHA256

    3de722f64d778d94c65cd85525b813a27c685804573cc35bacb8d4e5d9c1333b

  • SHA512

    5eafa227ced5bc7dd6324487bdaaca5163a43c413d50175d7be04587aef4eda63c3f7aba4ee22dc50003a16d2b4449c9b6b349ac2fd1137eb05f5cc2a76e5430

  • SSDEEP

    3072:6u5tw9oh0MTwWOBzAK8B+MBheMjmDqSWwYJzydxu2G13OrRm+OxQxbTh/Ry:Xw9+aRAHBQmeqlJzydxrRzgEbTh/

  Score

  10^/10

  stealcdefault11discoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2