stealc | b2c9dc45a604fb78f67c28c065e821a08ea22664d11fd98ef6e16380becefb7a | Triage

Submit
Reports

Overview

overview

Static

static

1

GG.cmd

windows11-21h2-x64

1

RegAsm.exe.vbs

windows11-21h2-x64

Sharing

General

Target

httpsgithub.comunileprionishudsight-2-free.zip
Size

727B
Sample

240526-pqbklsde28
MD5

54f4d0310476c46d7582ac173fc491a0
SHA1

c6d4e2a5655661a44cc8b6a125e3c0d2ed7945dd
SHA256

b2c9dc45a604fb78f67c28c065e821a08ea22664d11fd98ef6e16380becefb7a
SHA512

f7e10b0b29193f3009e561ee4129f245d0044c79498fdb66ef3593991b65a9cef75d1beadbcd4edaaa29a408dc4b7cb457f695179e7001b84fa4a22faf70dc26

Score

10^/10

stealc vidar persistence stealer

Static task

static1

Behavioral task

behavioral1

Sample

GG.cmd

Resource

win11-20240508-en

windows11-21h2-x64

0 signatures

300 seconds

Behavioral task

behavioral2

Sample

RegAsm.exe.vbs

Resource

win11-20240508-en

stealc vidar persistence stealer

windows11-21h2-x64

17 signatures

300 seconds

Malware Config

Targets

- Target
  
  GG.cmd
- Size
  
  60B
- MD5
  
  14d83bc3c85606c0b4f44adb23f79a27
- SHA1
  
  dae046cd53755393ec8dc39d7e879a2776826fbb
- SHA256
  
  32ab12b97b81fca86739247f27fcb708e8cf7e2e925813d9dc8fadcc2095d592
- SHA512
  
  7dbefba1f8bfb80103a77b7f49de8b0f97abf0a0a63783ea509fb95f593dc6a7ae2fa92e08a76132a0c4cef7aadee2419216721cd802bf183fd4b58c9c68524d
Score

1^/10
behavioral1
- Target
  
  RegAsm.exe.reg
- Size
  
  796B
- MD5
  
  96b82317503924c7d6219ec82e62e077
- SHA1
  
  258195926162e7ea161893ce67726166b3d00e58
- SHA256
  
  8fa98d60d53c1c2e5f59c5b7cdd6018cc2ac2817fe7f44515488b1ebf1014259
- SHA512
  
  8df38cf55587d9a142d67c629bd9a2f3b4b2e6ea4656fbd7f702f3860fb265f240c4085edab13c4f68a4817c25f4d5f018f578ab14091085cad5949920ec9a6b
Score

10^/10

stealc vidar persistence stealer
- Detect Vidar Stealer
  stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Sets file execution options in registry
  persistence
- Executes dropped EXE
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcvidarpersistencestealer

© 2018-2024

Terms | Privacy