stealc | 6a31ebe9229cfc848bf7350767d2da46afe981ca506d015267c4578c9181635b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a31ebe9229cfc848bf7350767d2da46afe981ca506d015267c4578c9181635b
Size

2.3MB
MD5

a3adfb806194af894b71b6589ef55bfc
SHA1

d5d6b7e07b4425fdb5db99e85cd482f06efe162a
SHA256

6a31ebe9229cfc848bf7350767d2da46afe981ca506d015267c4578c9181635b
SHA512

5ddd1978b66a1080ca15351c12ed02ff401fa87af2a302d954b30cc9864e520014839584a26bae0432013130097fd8b03cbe6a07c4b0c347121fca1b52b12b6f
SSDEEP

3072:/k9W0KFj5qj6o8KaxfE54HnnGqaKl+b2n8O43tIFmp:/kE/j5K62aOanGqCbAq3SFA

Score

10^/10

stealc

Malware Config

Signatures

Stealc family
stealc

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a31ebe9229cfc848bf7350767d2da46afe981ca506d015267c4578c9181635b

Files

6a31ebe9229cfc848bf7350767d2da46afe981ca506d015267c4578c9181635b
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ