Overview

overview

10

Static

static

1

URLScan

urlscan

https://www.youtube....

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbG04Nkg5N3NVRUtueHR6bHJoSkQ4ZG5Ga01Ld3xBQ3Jtc0tuZk04TzV2SGduUE04YkNvVXYyczVVdDY4RVpQbmdQLUlJNFR5Z0VWbjFzRElKNjJhMGFUVWQ3M21vblROcE9WckF2NzRiN1g5NUczN0J0MFJCc1V0UHRlWjFwMEN3QWlzMjdfYXdoQ0NNZ1VQd2Rzbw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fugjgbtv7bgef6%2FExlauncher&v=oXjNemmUDT4

  • Sample

    240812-lwnkkswarn

Score
10/10
stealccr7discoverystealer

Malware Config

Extracted

Family

stealc

Botnet

cr7

C2

http://45.152.115.5

Attributes
  • url_path

    /587ec30955d49a9c.php

Targets

    • Target

      https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbG04Nkg5N3NVRUtueHR6bHJoSkQ4ZG5Ga01Ld3xBQ3Jtc0tuZk04TzV2SGduUE04YkNvVXYyczVVdDY4RVpQbmdQLUlJNFR5Z0VWbjFzRElKNjJhMGFUVWQ3M21vblROcE9WckF2NzRiN1g5NUczN0J0MFJCc1V0UHRlWjFwMEN3QWlzMjdfYXdoQ0NNZ1VQd2Rzbw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fugjgbtv7bgef6%2FExlauncher&v=oXjNemmUDT4

    Score
    10/10
    stealccr7discoverystealer

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks