stealc | bebd67dd3cd08bab05295f04c108b2bdbb66cf4b133e6a4f9d800ff31094ca48 | Triage

Sharing

General

Target

bebd67dd3cd08bab05295f04c108b2bdbb66cf4b133e6a4f9d800ff31094ca48
Size

294KB
Sample

240820-qchmfaxclj
MD5

79646b790d736cc10c6b206b2f818f19
SHA1

5e55cf24e106eb19fb54bc94c55bbd906ce5e482
SHA256

bebd67dd3cd08bab05295f04c108b2bdbb66cf4b133e6a4f9d800ff31094ca48
SHA512

8ace469c93a838b1adba2b689c78d398f285d1bcf2803d60b4e2c75d4bd47557231a32547ff346cbf8b5a48697a2de2c8229972db31f28940eaed054fbaf8b2d
SSDEEP

3072:0f30wI3htwMp8LZMPu2eRg9Kp44VUF56VX7bWCwB+4IHH5XI2zoYYI:G30wI3heMOZMneq9KbY813V4IJz0I

Score

10^/10

stealc default discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

default

C2

http://62.204.41.151

Attributes

url_path
/edd20096ecef326d.php

Targets

- Target
  
  bebd67dd3cd08bab05295f04c108b2bdbb66cf4b133e6a4f9d800ff31094ca48
- Size
  
  294KB
- MD5
  
  79646b790d736cc10c6b206b2f818f19
- SHA1
  
  5e55cf24e106eb19fb54bc94c55bbd906ce5e482
- SHA256
  
  bebd67dd3cd08bab05295f04c108b2bdbb66cf4b133e6a4f9d800ff31094ca48
- SHA512
  
  8ace469c93a838b1adba2b689c78d398f285d1bcf2803d60b4e2c75d4bd47557231a32547ff346cbf8b5a48697a2de2c8229972db31f28940eaed054fbaf8b2d
- SSDEEP
  
  3072:0f30wI3htwMp8LZMPu2eRg9Kp44VUF56VX7bWCwB+4IHH5XI2zoYYI:G30wI3heMOZMneq9KbY813V4IJz0I
Score

10^/10

stealc default discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdefaultdiscoverystealer

behavioral2

stealcdefaultdiscoverystealer