stealc | b1d6fa28315f0902472c134b85abbfbe8ac07726abc974d6df14ffa2f902358b | Triage

Sharing

General

Target

b1d6fa28315f0902472c134b85abbfbe8ac07726abc974d6df14ffa2f902358b.exe
Size

7.6MB
Sample

241002-bxezqathpa
MD5

b6245c9e284a88a80833db1a2d2e5dbe
SHA1

d2466c74e19f55a50d3358779b78a336f66d4e4d
SHA256

b1d6fa28315f0902472c134b85abbfbe8ac07726abc974d6df14ffa2f902358b
SHA512

b0016cfad3bf7d2dc9de6e6bdf1324f16c2e002f64aa58c5b9ee8af32ea35f0c0cae125442127d692672660e4935faba604db8258d86642ebc52c742c0b9f5f2
SSDEEP

98304:NFK6gZJU/Bjl7jBX2e0a2OcI/v0VcgCNuIhZUwRR6Rn:Nc6gZJyBjl7jBX2etc214IwwRR6Rn

Score

10^/10

stealc a2 discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

A2

C2

http://45.200.148.113

Attributes

url_path
/0a616124ff2f2b69.php

Targets

- Target
  
  b1d6fa28315f0902472c134b85abbfbe8ac07726abc974d6df14ffa2f902358b.exe
- Size
  
  7.6MB
- MD5
  
  b6245c9e284a88a80833db1a2d2e5dbe
- SHA1
  
  d2466c74e19f55a50d3358779b78a336f66d4e4d
- SHA256
  
  b1d6fa28315f0902472c134b85abbfbe8ac07726abc974d6df14ffa2f902358b
- SHA512
  
  b0016cfad3bf7d2dc9de6e6bdf1324f16c2e002f64aa58c5b9ee8af32ea35f0c0cae125442127d692672660e4935faba604db8258d86642ebc52c742c0b9f5f2
- SSDEEP
  
  98304:NFK6gZJU/Bjl7jBX2e0a2OcI/v0VcgCNuIhZUwRR6Rn:Nc6gZJyBjl7jBX2etc214IwwRR6Rn
Score

10^/10

stealc a2 discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealca2discoverystealer

behavioral2

stealca2discoverystealer