stealc | dd2dcf168fb700e79caff74607ad52a32b8121fa0807765a64ec8906d45ea059 | Triage

Sharing

General

Target

1992-3-0x0000000000040000-0x00000000006DD000-memory.dmp
Size

6.6MB
Sample

241029-avg6ma1bpg
MD5

3fe7099c0cbba312d44098d089dea5e9
SHA1

85c8424c756614905d6deda0209a79f828455517
SHA256

dd2dcf168fb700e79caff74607ad52a32b8121fa0807765a64ec8906d45ea059
SHA512

d60232f482e598e8a7ed2ed872b99ffc08b6849e7d042f04ac80b4aaa4d8235f6cf3219a19f050993ecdea347e21350b17a954b34ae7f625c9142e1e69b367ee
SSDEEP

98304:+/mrNjeHkNkmNks1EiFt+/uJE4S7l0RL8Rk3logb:fkEF3viUETR0p8S3l

Score

10^/10

stealc doma discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

doma

C2

http://185.215.113.37

Attributes

url_path
/e2b1563c6670f193.php

Targets

- Target
  
  1992-3-0x0000000000040000-0x00000000006DD000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  3fe7099c0cbba312d44098d089dea5e9
- SHA1
  
  85c8424c756614905d6deda0209a79f828455517
- SHA256
  
  dd2dcf168fb700e79caff74607ad52a32b8121fa0807765a64ec8906d45ea059
- SHA512
  
  d60232f482e598e8a7ed2ed872b99ffc08b6849e7d042f04ac80b4aaa4d8235f6cf3219a19f050993ecdea347e21350b17a954b34ae7f625c9142e1e69b367ee
- SSDEEP
  
  98304:+/mrNjeHkNkmNks1EiFt+/uJE4S7l0RL8Rk3logb:fkEF3viUETR0p8S3l
Score

10^/10

stealc stealer discovery
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer