Extracted

• • Target

    55d167d04ea6b44c36fb9b109589e2c8.exe

  • Size

    1.5MB

  • MD5

    55d167d04ea6b44c36fb9b109589e2c8

  • SHA1

    148e280cb6744c208dcd8984eb3ec36ebae9d255

  • SHA256

    02a01859a6636016393dec9c654cdcf811ad6cfbc205a5c8f56b150ceea2e3e6

  • SHA512

    761a6230f6c876a6224b263cf4b52fa68866f97159fadf18b25f283f34b639629d8d98c599edf36402e689e19f67af13ff8c48c7ac70210b4a3a5862b50def80

  • SSDEEP

    24576:IXc46Crf8fAdacHps+/qASfmBgXk/xrADOv1xvF87hso8bTTXo:IXl8IdHHO+SASagXkJr4MDkhs9g

  Score

  10^/10

  stealcdefaultstealerdiscovery

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Executes dropped EXE

  • Loads dropped DLL

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2