stealc | 869deec09d4b035c500fb282df367e622f3e75e39fef3f6cd674fb1d1dca7b09 | Triage

Sharing

General

Target

869deec09d4b035c500fb282df367e622f3e75e39fef3f6cd674fb1d1dca7b09.exe
Size

13.5MB
Sample

241002-bsl78stfph
MD5

3988d57be5af6fb461fec4bbd0f747f3
SHA1

c4ea1473edc170309eb4f0d3b8f753e390ac1553
SHA256

869deec09d4b035c500fb282df367e622f3e75e39fef3f6cd674fb1d1dca7b09
SHA512

01cc125096db783d42ec1d82ccb896e5286f5aab6523e8931d41cc57979825738e80a8c57c14b09f19a7d50761cce5b7ace80837cf00bfae27d8ac4ebf5e9487
SSDEEP

196608:7kOSXo+Hu/GindojDIg9Cbk/V81OWa4l7:7kO6vHJDiZj

Score

10^/10

stealc a1 discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

A1

C2

http://45.200.148.113

Attributes

url_path
/0a616124ff2f2b69.php

Targets

- Target
  
  869deec09d4b035c500fb282df367e622f3e75e39fef3f6cd674fb1d1dca7b09.exe
- Size
  
  13.5MB
- MD5
  
  3988d57be5af6fb461fec4bbd0f747f3
- SHA1
  
  c4ea1473edc170309eb4f0d3b8f753e390ac1553
- SHA256
  
  869deec09d4b035c500fb282df367e622f3e75e39fef3f6cd674fb1d1dca7b09
- SHA512
  
  01cc125096db783d42ec1d82ccb896e5286f5aab6523e8931d41cc57979825738e80a8c57c14b09f19a7d50761cce5b7ace80837cf00bfae27d8ac4ebf5e9487
- SSDEEP
  
  196608:7kOSXo+Hu/GindojDIg9Cbk/V81OWa4l7:7kO6vHJDiZj
Score

10^/10

stealc a1 discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealca1discoverystealer

behavioral2