stealc | 2039ef3a972d4ed984a8a9008c15c67188aee1f6ef0c7222f830af6d58bd2fc9 | Triage

Sharing

General

Target

1796-117-0x0000000000DF0000-0x0000000001478000-memory.dmp
Size

6.5MB
Sample

241120-bjvg9a1rem
MD5

edf08a8d809b32d71cc4cfd75b316731
SHA1

6d51a955972d2234ad5d1a81b645093f63f31eb3
SHA256

2039ef3a972d4ed984a8a9008c15c67188aee1f6ef0c7222f830af6d58bd2fc9
SHA512

abd86fbe504c457d30d5a55725f37cc363ac91c8e2f939b8860688088f8326c3bc4b3e6fa4845772ef5536a48a073552fd37be198579ca5f944b89c77b5230c4
SSDEEP

98304:lyzgodc94JZpevkV9MssmaypkF+xyqW7aDzy+MIc4PMpigBxr:3Xs/pkF+xyqqGy+xZPMc2xr

Score

10^/10

stealc mars discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

mars

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  1796-117-0x0000000000DF0000-0x0000000001478000-memory.dmp
- Size
  
  6.5MB
- MD5
  
  edf08a8d809b32d71cc4cfd75b316731
- SHA1
  
  6d51a955972d2234ad5d1a81b645093f63f31eb3
- SHA256
  
  2039ef3a972d4ed984a8a9008c15c67188aee1f6ef0c7222f830af6d58bd2fc9
- SHA512
  
  abd86fbe504c457d30d5a55725f37cc363ac91c8e2f939b8860688088f8326c3bc4b3e6fa4845772ef5536a48a073552fd37be198579ca5f944b89c77b5230c4
- SSDEEP
  
  98304:lyzgodc94JZpevkV9MssmaypkF+xyqW7aDzy+MIc4PMpigBxr:3Xs/pkF+xyqqGy+xZPMc2xr
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer