General
-
Target
41dab8f1e7a6092801641580c860411d84f5cadb49e182dce6a27d3b9d575642
-
Size
701KB
-
Sample
241120-pxfg5sxdrq
-
MD5
9e59820449a43770ed05f10b3ab28195
-
SHA1
968e1b0d9fac36405f25ea42a503d59c6cddc3dd
-
SHA256
41dab8f1e7a6092801641580c860411d84f5cadb49e182dce6a27d3b9d575642
-
SHA512
b390baf2627c2b516ee17d79c5d0616c2384537cdb70d2c4afc6d1cc686bc1b5d92de7a50ac802b140eda49e5f119b43ff70f50f19954efb50b471661a672382
-
SSDEEP
12288:gbjFu86btDzJ3Iir8CHpfI/4P//aGgsdq6d4cBkoaevnO//ay4k0Ql:g/F3SJ3n8iw/4P//dgsI6tWoJvOqy4LS
Malware Config
Extracted
stealc
LogsDiller
http://77.83.175.105
-
url_path
/18a9a962225b1ffb.php
Targets
-
-
Target
41dab8f1e7a6092801641580c860411d84f5cadb49e182dce6a27d3b9d575642
-
Size
701KB
-
MD5
9e59820449a43770ed05f10b3ab28195
-
SHA1
968e1b0d9fac36405f25ea42a503d59c6cddc3dd
-
SHA256
41dab8f1e7a6092801641580c860411d84f5cadb49e182dce6a27d3b9d575642
-
SHA512
b390baf2627c2b516ee17d79c5d0616c2384537cdb70d2c4afc6d1cc686bc1b5d92de7a50ac802b140eda49e5f119b43ff70f50f19954efb50b471661a672382
-
SSDEEP
12288:gbjFu86btDzJ3Iir8CHpfI/4P//aGgsdq6d4cBkoaevnO//ay4k0Ql:g/F3SJ3n8iw/4P//dgsI6tWoJvOqy4LS
Score10/10-
Stealc
Stealc is an infostealer written in C++.
-
Stealc family
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-