General

  • Target: e27d61eadc699d186ba35c52ae9772f04e7f9cd1c38ca2af2c2909e1772093e8
  • Size: 29.6MB
  • Sample: 241123-zby3ga1pen
  • MD5: 2e99c5e08f31bcaeb4b8f32985cc93dc
  • SHA1: 235d59f9d68fb6f3ca3dac9806171d8e0c800108
  • SHA256: e27d61eadc699d186ba35c52ae9772f04e7f9cd1c38ca2af2c2909e1772093e8
  • SHA512: 816c656330b0faa1db8b4a309967bb1d87a72c7458b413b5d0c9022106e04c0aa900802ec84b1939392372a52d9be7501b0c08b42bc362222ff418df38c8c257
  • SSDEEP: 786432:y9NJrQa32GEqzgf2utR6m4SVLm8eJjbUCQJe8xQMixfHcU:ylfjECgfx4SVJe5YCH8xQMipcU

Malware Config

Targets

    • Stealc

      Stealc is an infostealer written in C++.

    • Stealc family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks