stealc | 43f5db59709683d5fa3bab0d8b3c9cffe6500af722e678c795ec383edbf44b08 | Triage

Sharing

General

Target

777.exe
Size

419KB
Sample

240727-z16hvayhlj
MD5

8c73eea8c4a07427bca0223f6cb08310
SHA1

4737c39fcc3b2294c4f23ba77f6b234c92be668d
SHA256

43f5db59709683d5fa3bab0d8b3c9cffe6500af722e678c795ec383edbf44b08
SHA512

3c5499c3c028a2295627bbf51f77be944e30fe49af1b2f4b7b959729162e5a7c4982c559248c9db99f42a966b19806f7dc5c650df17b79498757c88830f5ebec
SSDEEP

6144:xDtDv7vYCNMj41PYo1cLZIYcIVuqqi45x1y6GQ5UAxqLGUOaOMNsvXZ2aKYiCWEO:bvYCNM01zYcIVu9l55qLDzVmiCWEO

Score

10^/10

stealc default discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

default

C2

https://steamcommunity.com/profiles/76561198035868993

Attributes

url_path
/43e1e04e93874aba.php

Targets

- Target
  
  777.exe
- Size
  
  419KB
- MD5
  
  8c73eea8c4a07427bca0223f6cb08310
- SHA1
  
  4737c39fcc3b2294c4f23ba77f6b234c92be668d
- SHA256
  
  43f5db59709683d5fa3bab0d8b3c9cffe6500af722e678c795ec383edbf44b08
- SHA512
  
  3c5499c3c028a2295627bbf51f77be944e30fe49af1b2f4b7b959729162e5a7c4982c559248c9db99f42a966b19806f7dc5c650df17b79498757c88830f5ebec
- SSDEEP
  
  6144:xDtDv7vYCNMj41PYo1cLZIYcIVuqqi45x1y6GQ5UAxqLGUOaOMNsvXZ2aKYiCWEO:bvYCNM01zYcIVu9l55qLDzVmiCWEO
Score

10^/10

discovery stealc default stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdefaultdiscoverystealer