stealc | 383442ecd4bff5dc709ad467a2852d0a7cb79c38c09b1f3e612bacfaa0ceb92f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

383442ecd4bff5dc709ad467a2852d0a7cb79c38c09b1f3e612bacfaa0ceb92f
Size

1.1MB
Sample

240722-fql7nszern
MD5

4367b1db8ee57c606a7a8f12c153f876
SHA1

6715acb953b6ebc65727c8fa4490a6d62f86e7c9
SHA256

383442ecd4bff5dc709ad467a2852d0a7cb79c38c09b1f3e612bacfaa0ceb92f
SHA512

34cb861515577cf61f1c30db2f1f5aa4dc4037f68784bd0fbbe8464833b90c1fdc552bb5cf0914a905b31f5e8e3ee495d2611db03818a1df7bcce383fb20b3c1
SSDEEP

24576:rPt6GHkSUG0EZnwiOjAFf+RjHG+m7FKAcFUvNiool/:J7HkSUG1ZnEsp+RjHG+AMAkUvN

Score

10^/10

stealc funny stealer

Malware Config

Extracted

Family

stealc

Botnet

funny

C2

http://85.28.47.30

Attributes

url_path
/920475a59bac849d.php

Targets

- Target
  
  383442ecd4bff5dc709ad467a2852d0a7cb79c38c09b1f3e612bacfaa0ceb92f
- Size
  
  1.1MB
- MD5
  
  4367b1db8ee57c606a7a8f12c153f876
- SHA1
  
  6715acb953b6ebc65727c8fa4490a6d62f86e7c9
- SHA256
  
  383442ecd4bff5dc709ad467a2852d0a7cb79c38c09b1f3e612bacfaa0ceb92f
- SHA512
  
  34cb861515577cf61f1c30db2f1f5aa4dc4037f68784bd0fbbe8464833b90c1fdc552bb5cf0914a905b31f5e8e3ee495d2611db03818a1df7bcce383fb20b3c1
- SSDEEP
  
  24576:rPt6GHkSUG0EZnwiOjAFf+RjHG+m7FKAcFUvNiool/:J7HkSUG1ZnEsp+RjHG+AMAkUvN
Score

10^/10

stealc funny stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

stealcfunnystealer

behavioral2

stealcfunnystealer