stealc | 32ac8313004b33ee50e85bb5f86cf49d91f59f6754482f6f8118251746408c8b | Triage

Sharing

General

Target

2568-3-0x0000000000400000-0x0000000000650000-memory.dmp
Size

2.3MB
Sample

241210-rw458asqgm
MD5

af28f4a7826a62668c401d21901eb992
SHA1

c52f671172b35a36c73485d1b682a2d1d69ca5e8
SHA256

32ac8313004b33ee50e85bb5f86cf49d91f59f6754482f6f8118251746408c8b
SHA512

65bcd718feee5fb3dc30e1aca45c8175e7d89128927daff799ceeba35bc80c23fb8aea6d16be7ad36ae97f9438fe9ad63c3ff4f1b91fa3406186ae909debd851
SSDEEP

3072:s/JdEu+qhhl0lPW5kWOCVY/yvMEcMA0bgzdiDp2uUFe4lm6Pj7aNRYHeP3KqX+n:XutRj5kwdcMlIkN2udc7GYot+

Score

10^/10

stealc default discovery

Malware Config

Extracted

Family

stealc

Botnet

default

C2

http://92.255.57.89

Attributes

url_path
/45c616e921a794b8.php

Targets

- Target
  
  2568-3-0x0000000000400000-0x0000000000650000-memory.dmp
- Size
  
  2.3MB
- MD5
  
  af28f4a7826a62668c401d21901eb992
- SHA1
  
  c52f671172b35a36c73485d1b682a2d1d69ca5e8
- SHA256
  
  32ac8313004b33ee50e85bb5f86cf49d91f59f6754482f6f8118251746408c8b
- SHA512
  
  65bcd718feee5fb3dc30e1aca45c8175e7d89128927daff799ceeba35bc80c23fb8aea6d16be7ad36ae97f9438fe9ad63c3ff4f1b91fa3406186ae909debd851
- SSDEEP
  
  3072:s/JdEu+qhhl0lPW5kWOCVY/yvMEcMA0bgzdiDp2uUFe4lm6Pj7aNRYHeP3KqX+n:XutRj5kwdcMlIkN2udc7GYot+
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2