stealc | 250c25d5b2630e64dd97c7ff3812374438c996481e162bc63eb8700b22377f18 | Triage

Sharing

General

Target

250c25d5b2630e64dd97c7ff3812374438c996481e162bc63eb8700b22377f18
Size

206KB
Sample

240812-dtxrgasgrq
MD5

83343cafe346dab4ba462886c0ba5ada
SHA1

2430e03f07906ead42283d9cd1ec9b33b5c4d471
SHA256

250c25d5b2630e64dd97c7ff3812374438c996481e162bc63eb8700b22377f18
SHA512

4d2d2d908e54a1bee081ea844b0a481d164d415681bb8dfa48eda11b884d93f383add142bfcb7ad5dfd739cbfc23aa7b478ab4e15660cb877ec7e5b9aeb8f281
SSDEEP

6144:nz/b6pi7ozPPipQ4MdfvonbO6/1ykH3fTN3RLwrEzRobEO:b0kQhFobO65H3fJuEzRIEO

Score

10^/10

stealc kora discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

kora

C2

http://185.215.113.100

Attributes

url_path
/e2b1563c6670f193.php

Targets

- Target
  
  250c25d5b2630e64dd97c7ff3812374438c996481e162bc63eb8700b22377f18
- Size
  
  206KB
- MD5
  
  83343cafe346dab4ba462886c0ba5ada
- SHA1
  
  2430e03f07906ead42283d9cd1ec9b33b5c4d471
- SHA256
  
  250c25d5b2630e64dd97c7ff3812374438c996481e162bc63eb8700b22377f18
- SHA512
  
  4d2d2d908e54a1bee081ea844b0a481d164d415681bb8dfa48eda11b884d93f383add142bfcb7ad5dfd739cbfc23aa7b478ab4e15660cb877ec7e5b9aeb8f281
- SSDEEP
  
  6144:nz/b6pi7ozPPipQ4MdfvonbO6/1ykH3fTN3RLwrEzRobEO:b0kQhFobO65H3fJuEzRIEO
Score

10^/10

stealc kora discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealckoradiscoverystealer

behavioral2

stealckoradiscoverystealer