General

  • Target

    bac402b5749b2da2211db6d2404c1c621ccd0c2e5d492eb6f973b3e2d38dd361

  • Size

    1.2MB

  • Sample

    240627-288dhszenq

  • MD5

    242214131486132e33ceda794d66ca1f

  • SHA1

    4ce34fd91f5c9e35b8694007b286635663ef9bf2

  • SHA256

    bac402b5749b2da2211db6d2404c1c621ccd0c2e5d492eb6f973b3e2d38dd361

  • SHA512

    031e0904d949cec515f2d6f2b5e4b9c0df03637787ff14f20c58e711c54eec77d1f22aa0cf0f6efd65362c1fc0066645d5d005c6a77fe5b169427cdd42555d29

  • SSDEEP

    24576:vjOwtWBrHdDD2PVc1ZQBQkoTjPCpKTbzMxaZc+zrUmz:vCwtW9dDyPyz6DMPCMTbzdZc+kmz

Score
10/10

Malware Config

Extracted

  • Family

    stealc

  • Botnet

    jopa

  • C2

    http://65.21.175.0

  • Attributes

    url_path: /108e010e8f91c38c.php

Targets

    • Stealc

      Stealc is an infostealer written in C++.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks