stealc | 60019da00a7b33e24d7a4c7d18e1e5d659d5f66b3f578682a8e5e66856a77a8d | Triage

Sharing

General

Target

4576-44-0x0000000000750000-0x0000000000DD8000-memory.dmp
Size

6.5MB
Sample

241120-ba3r9swgnf
MD5

ff73701496dd8f7572b4acb5a4ba3968
SHA1

304b07439b170e927df82ce0471c55062d47c646
SHA256

60019da00a7b33e24d7a4c7d18e1e5d659d5f66b3f578682a8e5e66856a77a8d
SHA512

cd7467e8fede2cbe8700a2d61c8b9e2d26952bcb5e93f1420012dd79b4380dcfdf16e78466e672b08db721834be0ed48e2bb976430a0dcc2f87af5fc4b6bdfe7
SSDEEP

98304:kObrsc94JZpevkVCMsE+zTpWbuqyqW7aDzy+MIc4PMpigBxr:1YsRpWbuqyqqGy+xZPMc2xr

Score

10^/10

stealc mars discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

mars

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  4576-44-0x0000000000750000-0x0000000000DD8000-memory.dmp
- Size
  
  6.5MB
- MD5
  
  ff73701496dd8f7572b4acb5a4ba3968
- SHA1
  
  304b07439b170e927df82ce0471c55062d47c646
- SHA256
  
  60019da00a7b33e24d7a4c7d18e1e5d659d5f66b3f578682a8e5e66856a77a8d
- SHA512
  
  cd7467e8fede2cbe8700a2d61c8b9e2d26952bcb5e93f1420012dd79b4380dcfdf16e78466e672b08db721834be0ed48e2bb976430a0dcc2f87af5fc4b6bdfe7
- SSDEEP
  
  98304:kObrsc94JZpevkVCMsE+zTpWbuqyqW7aDzy+MIc4PMpigBxr:1YsRpWbuqyqqGy+xZPMc2xr
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer