stealc | 3132afd75a40fbaf3732116864e7a93ace539b93dac5844a719223e60c71ac15 | Triage

Sharing

General

Target

2320-3-0x00000000012A0000-0x0000000001927000-memory.dmp
Size

6.5MB
Sample

241125-q3dfeawlam
MD5

1ef8d3188c56745950fdc47d9613dd96
SHA1

0e55b18ce9acf4b90a648b276e7784144c303d5d
SHA256

3132afd75a40fbaf3732116864e7a93ace539b93dac5844a719223e60c71ac15
SHA512

1e1c1a69eb43bc488ea0f00bc722bb7df25c0196ebf3156c68335eea06bf7e71f32ff989439bc33f09f759a06415d73dfef38f8dc943b9ff5d85542410bdedfd
SSDEEP

98304:5otYHCArmrwTcahQgMv3uC7rDgJa/EUq31Olt83dA:H8S3hQgY37XDgJUqFOlKt

Score

10^/10

stealc mars discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

mars

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  2320-3-0x00000000012A0000-0x0000000001927000-memory.dmp
- Size
  
  6.5MB
- MD5
  
  1ef8d3188c56745950fdc47d9613dd96
- SHA1
  
  0e55b18ce9acf4b90a648b276e7784144c303d5d
- SHA256
  
  3132afd75a40fbaf3732116864e7a93ace539b93dac5844a719223e60c71ac15
- SHA512
  
  1e1c1a69eb43bc488ea0f00bc722bb7df25c0196ebf3156c68335eea06bf7e71f32ff989439bc33f09f759a06415d73dfef38f8dc943b9ff5d85542410bdedfd
- SSDEEP
  
  98304:5otYHCArmrwTcahQgMv3uC7rDgJa/EUq31Olt83dA:H8S3hQgY37XDgJUqFOlKt
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer