Extracted

• • Target

    Setup.exe

  • Size

    663.4MB

  • MD5

    70a9e51d9777a02427404e4dc2325f0f

  • SHA1

    b340348b78dcbbdc49dc9206f68aa3950723b964

  • SHA256

    f9f5fe8a6d4ef35fdacc5623b1dc689be3ea89c61efdf68e0ddf449916396f05

  • SHA512

    65888e9a446880cd8911ed56047392c00735fe484530962e8d1b70256b082c9eff822b4db0c84db689e5f11331b56acfa62d86b0a496f8b6b744380853b86ebe

  • SSDEEP

    196608:Xpcugy7TlXNdj+P64+SPrW7hOOo4j704ehNVhV98x+L5rCZhwNNwL84XiOHWgE:Xpcu7k6BkOxU4o

  Score

  10^/10

  stealcpuarospywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Loads dropped DLL

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2behavioral3behavioral4