stealc | 0991bfa83cbc2aebd7b7f97afe23573f8568ff8741e64b00831c2480d78494d5 | Triage

Sharing

General

Target

3476-100-0x0000000000B30000-0x00000000011BF000-memory.dmp
Size

6.6MB
Sample

241124-2tc9tsznar
MD5

be9c41bf6edc4eab6ea16c3c9fcb90e5
SHA1

43a3cf70c59be08da52effd29f1e506b212db28a
SHA256

0991bfa83cbc2aebd7b7f97afe23573f8568ff8741e64b00831c2480d78494d5
SHA512

55d69eedd9b08552aae3a38d2d51feb16da3ea1b316b1d34e3aee37c9fdedeb5417789cdf2ac65fc4f625c6bd86c251b327aac84ec0ec98781be8fe05d0fbdd2
SSDEEP

98304:dXTQhbhcaao5g5j7s+G38S7Uy840rQ2BiM3aZdryo:eYI8OB0ZF3N

Score

10^/10

stealc mars discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

mars

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  3476-100-0x0000000000B30000-0x00000000011BF000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  be9c41bf6edc4eab6ea16c3c9fcb90e5
- SHA1
  
  43a3cf70c59be08da52effd29f1e506b212db28a
- SHA256
  
  0991bfa83cbc2aebd7b7f97afe23573f8568ff8741e64b00831c2480d78494d5
- SHA512
  
  55d69eedd9b08552aae3a38d2d51feb16da3ea1b316b1d34e3aee37c9fdedeb5417789cdf2ac65fc4f625c6bd86c251b327aac84ec0ec98781be8fe05d0fbdd2
- SSDEEP
  
  98304:dXTQhbhcaao5g5j7s+G38S7Uy840rQ2BiM3aZdryo:eYI8OB0ZF3N
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer