stealc | c0cdd15f9913c6e88d7e124cbcba7ea981f12a856f473d0e96a94d8835d9ecf3 | Triage

Sharing

General

Target

c0cdd15f9913c6e88d7e124cbcba7ea981f12a856f473d0e96a94d8835d9ecf3.exe
Size

947KB
Sample

241014-caq9xavhrg
MD5

7de1a4a7d819cc98fccdea05f9326c1a
SHA1

be8cbf5903dd27666d08c66114b084e5245d88b8
SHA256

c0cdd15f9913c6e88d7e124cbcba7ea981f12a856f473d0e96a94d8835d9ecf3
SHA512

0534b3a4d974d8b1ed758d5bdbb58d6bd6f718b31e75c7d5fea7432862ec3d0a7063daf012ecb07a14051b2a75042a4099172acbe4bbcbab0b0ad4aa1a76fe92
SSDEEP

24576:H9jxuZJUd1cVl/Y+ZjAkOpUoD6h5Ch9cSfNdZxvhp:H9xuZJUd1cV4kOpv85scS1dbhp

Score

10^/10

stealc default7_doz discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

default7_doz

C2

http://62.204.41.176

Attributes

url_path
/edd20096ecef326d.php

Targets

- Target
  
  c0cdd15f9913c6e88d7e124cbcba7ea981f12a856f473d0e96a94d8835d9ecf3.exe
- Size
  
  947KB
- MD5
  
  7de1a4a7d819cc98fccdea05f9326c1a
- SHA1
  
  be8cbf5903dd27666d08c66114b084e5245d88b8
- SHA256
  
  c0cdd15f9913c6e88d7e124cbcba7ea981f12a856f473d0e96a94d8835d9ecf3
- SHA512
  
  0534b3a4d974d8b1ed758d5bdbb58d6bd6f718b31e75c7d5fea7432862ec3d0a7063daf012ecb07a14051b2a75042a4099172acbe4bbcbab0b0ad4aa1a76fe92
- SSDEEP
  
  24576:H9jxuZJUd1cVl/Y+ZjAkOpUoD6h5Ch9cSfNdZxvhp:H9xuZJUd1cV4kOpv85scS1dbhp
Score

10^/10

stealc default7_doz discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdefault7_dozdiscoverystealer

behavioral2