stealc | ea47a295d7912650c9e6d0ae63e27ecdce33ddb07351f8550dd9ec790710583f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmpx6wzhef7
Size

14.2MB
Sample

240812-lk3kcszang
MD5

64128750e9820d79b5f4947eb25ffa30
SHA1

78b1e87bea84118194d10569faa13f412dcc7a10
SHA256

ea47a295d7912650c9e6d0ae63e27ecdce33ddb07351f8550dd9ec790710583f
SHA512

d216611eed068eb952493aeee63699257bbd537dc5da126425f8f02086498bdcce4bb1874be466259381998f442803b57213ab3281d6783213eb5e364b809409
SSDEEP

98304:dDAFnNG6kMt9fNGbu8cfOWLFaBwEhIx0DUihea0:B0r4bu1fBFyJhzpj0

Score

10^/10

stealc cr3 discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

cr3

C2

http://193.176.153.234

Attributes

url_path
/587ec30955d49a9c.php

Targets

- Target
  
  tmpx6wzhef7
- Size
  
  14.2MB
- MD5
  
  64128750e9820d79b5f4947eb25ffa30
- SHA1
  
  78b1e87bea84118194d10569faa13f412dcc7a10
- SHA256
  
  ea47a295d7912650c9e6d0ae63e27ecdce33ddb07351f8550dd9ec790710583f
- SHA512
  
  d216611eed068eb952493aeee63699257bbd537dc5da126425f8f02086498bdcce4bb1874be466259381998f442803b57213ab3281d6783213eb5e364b809409
- SSDEEP
  
  98304:dDAFnNG6kMt9fNGbu8cfOWLFaBwEhIx0DUihea0:B0r4bu1fBFyJhzpj0
Score

10^/10

stealc cr3 discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealccr3discoverystealer