stealc | 55e011e5977e840b15ce2a6771da9ac31fd72e0db0c20b864e069af75c4162a8 | Triage

Sharing

General

Target

2349efc4ec7b480ea8fb886ec22e9a94.exe
Size

354KB
Sample

241023-h5r3kszbnp
MD5

2349efc4ec7b480ea8fb886ec22e9a94
SHA1

7258cb66e14b7777f7eff29b87ef6632f3cc625e
SHA256

55e011e5977e840b15ce2a6771da9ac31fd72e0db0c20b864e069af75c4162a8
SHA512

d2a99c31214eaa2f2a96932aaa1654a74cb08b46ca4e9ac8c2f6479f2503c05c9765479c53a66b95e5ed49ad70aef8860ce2b9ca4fa3808af7f30e71784d4a68
SSDEEP

6144:aSLP//pfgKSYPirSAcztDgLoYtk+mmf2VevO2+mNN9y4pqnO:tNfZSn+ztML9SwLNny4pS

Score

10^/10

stealc logsdiller discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

LogsDiller

C2

http://92.119.114.74

Attributes

url_path
/b5b230daad1e99a0.php

Targets

- Target
  
  2349efc4ec7b480ea8fb886ec22e9a94.exe
- Size
  
  354KB
- MD5
  
  2349efc4ec7b480ea8fb886ec22e9a94
- SHA1
  
  7258cb66e14b7777f7eff29b87ef6632f3cc625e
- SHA256
  
  55e011e5977e840b15ce2a6771da9ac31fd72e0db0c20b864e069af75c4162a8
- SHA512
  
  d2a99c31214eaa2f2a96932aaa1654a74cb08b46ca4e9ac8c2f6479f2503c05c9765479c53a66b95e5ed49ad70aef8860ce2b9ca4fa3808af7f30e71784d4a68
- SSDEEP
  
  6144:aSLP//pfgKSYPirSAcztDgLoYtk+mmf2VevO2+mNN9y4pqnO:tNfZSn+ztML9SwLNny4pS
Score

10^/10

stealc logsdiller discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealclogsdillerdiscoverystealer

behavioral2

stealclogsdillerdiscoverystealer