Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    206KB

  • Sample

    240819-qyh54azhkr

  • MD5

    f6b3d422501a566c90a133b3fea8d506

  • SHA1

    00b2c07e6da9107fe140d7f6762fe3087442c55b

  • SHA256

    144e8f7fe9322aee4706e0496dd19ac65427a254eeab07130bdd9d4dd4186098

  • SHA512

    c6844eed98fc8071b351a74af06c3a8be5b1acbd914884813871a5f31afb19944147263da604634b5005a6de7100c4873de0c6a2a232cbcc9e575bc006e60242

  • SSDEEP

    3072:d3g5D9wZiRI0+Kgu3PyTDDp9XVqAFiRV/hb0qhjDy4mtmY5Kwo8Op948r+A1KhHw:9g5D9wEhLgu34gAFiRXhSxtEyhoEO

Score
10/10
stealcnorddiscoverystealer

Malware Config

Extracted

Family

stealc

Botnet

nord

C2

http://185.215.113.100

Attributes
  • url_path

    /e2b1563c6670f193.php

Targets

    • Target

      file.exe

    • Size

      206KB

    • MD5

      f6b3d422501a566c90a133b3fea8d506

    • SHA1

      00b2c07e6da9107fe140d7f6762fe3087442c55b

    • SHA256

      144e8f7fe9322aee4706e0496dd19ac65427a254eeab07130bdd9d4dd4186098

    • SHA512

      c6844eed98fc8071b351a74af06c3a8be5b1acbd914884813871a5f31afb19944147263da604634b5005a6de7100c4873de0c6a2a232cbcc9e575bc006e60242

    • SSDEEP

      3072:d3g5D9wZiRI0+Kgu3PyTDDp9XVqAFiRV/hb0qhjDy4mtmY5Kwo8Op948r+A1KhHw:9g5D9wEhLgu34gAFiRXhSxtEyhoEO

    Score
    10/10
    stealcnorddiscoverystealer

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks