stealc | 97fc90841ef7b563df3fc934148582d7f06e0fd2acd1e6289c03eaa8a2d32361 | Triage

Sharing

General

Target

1584-45-0x0000000000640000-0x0000000000CE0000-memory.dmp
Size

6.6MB
Sample

241210-vc5t7azray
MD5

cb38f544e8a168e4f0d2c98e3873ec52
SHA1

206c39ca3c6bfbda96257974df5992dfe1b1738b
SHA256

97fc90841ef7b563df3fc934148582d7f06e0fd2acd1e6289c03eaa8a2d32361
SHA512

0e56c6cc97825db1d8e02398c8f38b97186e577608454103f05f8f4aa4aba2e60e8ca683bfa6a897628b470ab3cffe94c4cf494b8aa248ae992176188ec0704f
SSDEEP

98304:kUYD7xmPf3uCCJYyXG1siGNq4PoUP6bN:kuf3uCCJtXG1rGNq5UPW

Score

10^/10

stealc stok discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

stok

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  1584-45-0x0000000000640000-0x0000000000CE0000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  cb38f544e8a168e4f0d2c98e3873ec52
- SHA1
  
  206c39ca3c6bfbda96257974df5992dfe1b1738b
- SHA256
  
  97fc90841ef7b563df3fc934148582d7f06e0fd2acd1e6289c03eaa8a2d32361
- SHA512
  
  0e56c6cc97825db1d8e02398c8f38b97186e577608454103f05f8f4aa4aba2e60e8ca683bfa6a897628b470ab3cffe94c4cf494b8aa248ae992176188ec0704f
- SSDEEP
  
  98304:kUYD7xmPf3uCCJYyXG1siGNq4PoUP6bN:kuf3uCCJtXG1rGNq5UPW
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer