stealc | 2810edd1f6141162f03cbcf14677108ec4449cb8c15637a83a51ab9b36e75551 | Triage

Sharing

General

Target

2810edd1f6141162f03cbcf14677108ec4449cb8c15637a83a51ab9b36e75551
Size

2.5MB
Sample

240805-lfmncascnr
MD5

83d776646e204bbdc4e65b2251a17f26
SHA1

2d46f42fe5e17f36b4c1a7409c691b0bfb86bd0e
SHA256

2810edd1f6141162f03cbcf14677108ec4449cb8c15637a83a51ab9b36e75551
SHA512

8c6a10202dd3234b607cd1da4e563b6fc498cfe50f1b8312816a6e04478d6a9c88596813b634fb4cae1f889fcd357fce316decc5d871b6b89db2e3f011aea2f0
SSDEEP

49152:exeOAwBApSJdHFtSEXniknCRLmPtwWd/qb9m2TcAC0Xntb:exvAwyp0HFtSEXnfCEPuWdSb9TcrEV

Score

10^/10

stealc default discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

default

C2

http://185.215.113.24

Attributes

url_path
/e2b1563c6670f193.php

Targets

- Target
  
  2810edd1f6141162f03cbcf14677108ec4449cb8c15637a83a51ab9b36e75551
- Size
  
  2.5MB
- MD5
  
  83d776646e204bbdc4e65b2251a17f26
- SHA1
  
  2d46f42fe5e17f36b4c1a7409c691b0bfb86bd0e
- SHA256
  
  2810edd1f6141162f03cbcf14677108ec4449cb8c15637a83a51ab9b36e75551
- SHA512
  
  8c6a10202dd3234b607cd1da4e563b6fc498cfe50f1b8312816a6e04478d6a9c88596813b634fb4cae1f889fcd357fce316decc5d871b6b89db2e3f011aea2f0
- SSDEEP
  
  49152:exeOAwBApSJdHFtSEXniknCRLmPtwWd/qb9m2TcAC0Xntb:exvAwyp0HFtSEXnfCEPuWdSb9TcrEV
Score

10^/10

stealc default discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdefaultdiscoverystealer

behavioral2

stealcdefaultdiscoverystealer