stealc | aba594d71b6d51997b6476a46cc5f3622ff9e53030d400eb314183d39c7b7db1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f0564dc7eade067006e87daf3c0c71e.exe
Size

2.4MB
Sample

240802-hs7x9sxaqg
MD5

0f0564dc7eade067006e87daf3c0c71e
SHA1

e031e7fecc686bbcf7e6310b7fcc0ac6828ba133
SHA256

aba594d71b6d51997b6476a46cc5f3622ff9e53030d400eb314183d39c7b7db1
SHA512

e6dfca7e406cd7abd16b88dbec9446f75761d58c809abae967fbc3fd8431e0bcabe58c0c2dec7a3a135505da1ae73a7a4af7e14f4d33131486ab8a4bf6bfa6aa
SSDEEP

49152:qczc5vpZXdgT+S9O25fqOTpSlTc2nJ1rtKxu/S:1zc5vq709Cgq

Score

10^/10

stealc default discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

default

C2

http://185.215.113.24

Attributes

url_path
/e2b1563c6670f193.php

Targets

- Target
  
  0f0564dc7eade067006e87daf3c0c71e.exe
- Size
  
  2.4MB
- MD5
  
  0f0564dc7eade067006e87daf3c0c71e
- SHA1
  
  e031e7fecc686bbcf7e6310b7fcc0ac6828ba133
- SHA256
  
  aba594d71b6d51997b6476a46cc5f3622ff9e53030d400eb314183d39c7b7db1
- SHA512
  
  e6dfca7e406cd7abd16b88dbec9446f75761d58c809abae967fbc3fd8431e0bcabe58c0c2dec7a3a135505da1ae73a7a4af7e14f4d33131486ab8a4bf6bfa6aa
- SSDEEP
  
  49152:qczc5vpZXdgT+S9O25fqOTpSlTc2nJ1rtKxu/S:1zc5vq709Cgq
Score

10^/10

stealc default discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdefaultdiscoverystealer

behavioral2

stealcdefaultdiscoverystealer