stealc | 1e24feb95758065d5965418eb77e3df0909bdd283038687701ea3f35cb152049 | Triage

Sharing

General

Target

2520-1594-0x0000000000DD0000-0x000000000146C000-memory.dmp
Size

6.6MB
Sample

241124-1t1vfsxnel
MD5

519d471d233c7d64f4dc1301cdd20e86
SHA1

b9b86abc4a828246a5744adc93ca596537e7368e
SHA256

1e24feb95758065d5965418eb77e3df0909bdd283038687701ea3f35cb152049
SHA512

5cd08435641611b4f0d8297166aaa6d33ba96654c6262d642faf5b5955d73f8b8a145ef2476383a2a30b34ba5862316e123ade9706eb31547efc804d04b7625b
SSDEEP

98304:U6TXvn3RUmc24Xr42iiDNC8EunKc+StMSiE1ayp4EpR:p29r5Zhnn4+cAn

Score

10^/10

stealc mars discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

mars

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  2520-1594-0x0000000000DD0000-0x000000000146C000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  519d471d233c7d64f4dc1301cdd20e86
- SHA1
  
  b9b86abc4a828246a5744adc93ca596537e7368e
- SHA256
  
  1e24feb95758065d5965418eb77e3df0909bdd283038687701ea3f35cb152049
- SHA512
  
  5cd08435641611b4f0d8297166aaa6d33ba96654c6262d642faf5b5955d73f8b8a145ef2476383a2a30b34ba5862316e123ade9706eb31547efc804d04b7625b
- SSDEEP
  
  98304:U6TXvn3RUmc24Xr42iiDNC8EunKc+StMSiE1ayp4EpR:p29r5Zhnn4+cAn
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer