stealc | bc1dafc3f63b4670d955d6413d9098e03df7de74811aba8a47473fbb54c6afce | Triage

Sharing

General

Target

3056-3-0x0000000000120000-0x00000000007CB000-memory.dmp
Size

6.7MB
Sample

241023-n91s6sygpb
MD5

6e66ff3dfa3f34f7dc85fe6f7c84aa61
SHA1

a4f088e1165d3bfeb0cfd8ff00ee4cefcec09165
SHA256

bc1dafc3f63b4670d955d6413d9098e03df7de74811aba8a47473fbb54c6afce
SHA512

de571f12682108d32791c4439122e9d0200799c512a773cf76984c2b1bdabefe3d1e89da09417383a1f12b6202e8dd08d18aedfb627383cb96a29ed445607645
SSDEEP

98304:f+G+yqo6L0/Y6710i7hNk4J1dhsAF9t5YDu8YUw:LFhNk4J1MALQ5YUw

Score

10^/10

stealc doma discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

doma

C2

http://185.215.113.37

Attributes

url_path
/e2b1563c6670f193.php

Targets

- Target
  
  3056-3-0x0000000000120000-0x00000000007CB000-memory.dmp
- Size
  
  6.7MB
- MD5
  
  6e66ff3dfa3f34f7dc85fe6f7c84aa61
- SHA1
  
  a4f088e1165d3bfeb0cfd8ff00ee4cefcec09165
- SHA256
  
  bc1dafc3f63b4670d955d6413d9098e03df7de74811aba8a47473fbb54c6afce
- SHA512
  
  de571f12682108d32791c4439122e9d0200799c512a773cf76984c2b1bdabefe3d1e89da09417383a1f12b6202e8dd08d18aedfb627383cb96a29ed445607645
- SSDEEP
  
  98304:f+G+yqo6L0/Y6710i7hNk4J1dhsAF9t5YDu8YUw:LFhNk4J1MALQ5YUw
Score

10^/10

stealc stealer discovery
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer