stealc | ae4a72d1cfd390b0bac8df8dbb836b10d8a28f9fafe09852b36f2338eb7351ad | Triage

Resubmissions

20-11-2024 18:31

241120-w6fmts1ake 10

20-11-2024 18:26

241120-w3bjps1gpm 10

Sharing

General

Target

nothirdparty.exe
Size

14.5MB
Sample

241120-w3bjps1gpm
MD5

faaa36304ac321d611fbb064c4cf061b
SHA1

adbe4b0c6477a9ba214e90f335bf6f963367d87e
SHA256

ae4a72d1cfd390b0bac8df8dbb836b10d8a28f9fafe09852b36f2338eb7351ad
SHA512

a389bdefb9c8376bed6df97e3a79df632817c76a8a5de1d3aeca30ca8803dc4cfeb4684e95228ef4d385eff16fe3548cffc2aa4a8ffd07a7b7953c804834b7a7
SSDEEP

393216:lwCyDQw81PenSLe/mxny8K5AaNTaC2KhmP:PVVeSLeetbKJTtzmP

Score

10^/10

stealc avland discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

AVLand

C2

|http://185.225.200.240

Attributes

url_path
/0e4968fc55367a12.php

Targets

- Target
  
  nothirdparty.exe
- Size
  
  14.5MB
- MD5
  
  faaa36304ac321d611fbb064c4cf061b
- SHA1
  
  adbe4b0c6477a9ba214e90f335bf6f963367d87e
- SHA256
  
  ae4a72d1cfd390b0bac8df8dbb836b10d8a28f9fafe09852b36f2338eb7351ad
- SHA512
  
  a389bdefb9c8376bed6df97e3a79df632817c76a8a5de1d3aeca30ca8803dc4cfeb4684e95228ef4d385eff16fe3548cffc2aa4a8ffd07a7b7953c804834b7a7
- SSDEEP
  
  393216:lwCyDQw81PenSLe/mxny8K5AaNTaC2KhmP:PVVeSLeetbKJTtzmP
Score

10^/10

stealc avland discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcavlanddiscoverystealer

behavioral2

stealcavlanddiscoverystealer