stealc | da88bc40c7826a659ebd6da325bd04c9f52d4ceeef6916aafeef471c685a96b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

956d73b7f041.exe
Size

503KB
Sample

241005-qxc8fstgmj
MD5

054fec89fe7a32577df6035ee7e06de8
SHA1

14158263da82fdead85bed962ff9001d3e931dfd
SHA256

da88bc40c7826a659ebd6da325bd04c9f52d4ceeef6916aafeef471c685a96b9
SHA512

3429c5093d63512734559e0bfb7dd7898b18a43d6556de14446aa2226369f9de740103136f4ff04435f73978bba0718ba918878a22ebb4e78c7a99e25a78d4cd
SSDEEP

12288:HJ0/aAU4itlr3B85rDPuuSELDdmwOtrGk626eZhdIiSEO:QagitcTu28trGsWxt

Score

10^/10

stealc default5_doz discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

default5_doz

C2

http://62.204.41.159

Attributes

url_path
/edd20096ecef326d.php

Targets

- Target
  
  956d73b7f041.exe
- Size
  
  503KB
- MD5
  
  054fec89fe7a32577df6035ee7e06de8
- SHA1
  
  14158263da82fdead85bed962ff9001d3e931dfd
- SHA256
  
  da88bc40c7826a659ebd6da325bd04c9f52d4ceeef6916aafeef471c685a96b9
- SHA512
  
  3429c5093d63512734559e0bfb7dd7898b18a43d6556de14446aa2226369f9de740103136f4ff04435f73978bba0718ba918878a22ebb4e78c7a99e25a78d4cd
- SSDEEP
  
  12288:HJ0/aAU4itlr3B85rDPuuSELDdmwOtrGk626eZhdIiSEO:QagitcTu28trGsWxt
Score

10^/10

stealc default5_doz discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdefault5_dozdiscoverystealer

behavioral2

stealcdefault5_dozdiscoverystealer