stealc | f6c85b928f3799f7f9a88d43b4aa8dbbf046c388bbbbeee4b986a444fc2e93c2 | Triage

Sharing

General

Target

3856-123-0x00000000006A0000-0x0000000000D32000-memory.dmp
Size

6.6MB
Sample

241119-2299javhln
MD5

fb1fa9b9d7792aec35bdc4790aef388e
SHA1

2347b7b60a5a4cdf19c9e4f96c38cad2cf0ee67d
SHA256

f6c85b928f3799f7f9a88d43b4aa8dbbf046c388bbbbeee4b986a444fc2e93c2
SHA512

affca5c7b6ccd9f5884a73d897d8118ee70e45f4d24c127bd2d72b184e8b27d9d21c20d98b1f1b9d58802f6c779400c5deedc48cf7e7fae570dbf535f0c8573f
SSDEEP

98304:QxncnE2BIOSyesraXDohLkeuy1KOQ8VoOO35CIEJlf:1YlM71jQhjpB0

Score

10^/10

stealc mars discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

mars

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  3856-123-0x00000000006A0000-0x0000000000D32000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  fb1fa9b9d7792aec35bdc4790aef388e
- SHA1
  
  2347b7b60a5a4cdf19c9e4f96c38cad2cf0ee67d
- SHA256
  
  f6c85b928f3799f7f9a88d43b4aa8dbbf046c388bbbbeee4b986a444fc2e93c2
- SHA512
  
  affca5c7b6ccd9f5884a73d897d8118ee70e45f4d24c127bd2d72b184e8b27d9d21c20d98b1f1b9d58802f6c779400c5deedc48cf7e7fae570dbf535f0c8573f
- SSDEEP
  
  98304:QxncnE2BIOSyesraXDohLkeuy1KOQ8VoOO35CIEJlf:1YlM71jQhjpB0
Score

10^/10

stealc stealer discovery
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer