stealc | d43af0c0a5058412c903698b4ac55f150f6a20cac43344b5a596906780dac1f7 | Triage

Submit
Reports

Overview

overview

Static

static

1

d43af0c0a5...f7.exe

windows7-x64

d43af0c0a5...f7.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

d43af0c0a5058412c903698b4ac55f150f6a20cac43344b5a596906780dac1f7.exe
Size

1012KB
Sample

240823-c85vystepj
MD5

dadfa6f51c990b1b4f5520f3a8e2c824
SHA1

b44c7df9b283aa1f334742cf2113ce0ff1185e4b
SHA256

d43af0c0a5058412c903698b4ac55f150f6a20cac43344b5a596906780dac1f7
SHA512

21817907b2016e346e3d110334838b7b42bda885291184b42d4a0e05cde8e8c2769075658694ec7d90af25154be50214f7fe27f52b201ef744f7a95ba7af40df
SSDEEP

24576:QzZmhskEKg3ADrO2paC5fgNl+ydoqyZH/M9OI9m8toYxILUj1:QchHgm9paCyNl+51Hk93m8aYAE

Score

10^/10

stealc discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

d43af0c0a5058412c903698b4ac55f150f6a20cac43344b5a596906780dac1f7.exe

Resource

win7-20240704-en

stealc discovery stealer

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

d43af0c0a5058412c903698b4ac55f150f6a20cac43344b5a596906780dac1f7.exe

Resource

win10v2004-20240802-en

stealc discovery stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  d43af0c0a5058412c903698b4ac55f150f6a20cac43344b5a596906780dac1f7.exe
- Size
  
  1012KB
- MD5
  
  dadfa6f51c990b1b4f5520f3a8e2c824
- SHA1
  
  b44c7df9b283aa1f334742cf2113ce0ff1185e4b
- SHA256
  
  d43af0c0a5058412c903698b4ac55f150f6a20cac43344b5a596906780dac1f7
- SHA512
  
  21817907b2016e346e3d110334838b7b42bda885291184b42d4a0e05cde8e8c2769075658694ec7d90af25154be50214f7fe27f52b201ef744f7a95ba7af40df
- SSDEEP
  
  24576:QzZmhskEKg3ADrO2paC5fgNl+ydoqyZH/M9OI9m8toYxILUj1:QchHgm9paCyNl+51Hk93m8aYAE
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer

© 2018-2025

Terms | Privacy