stealc | 9c43d91d7f09be47d06a827a86c68acdbf67297f52cbd96fd5e4b1f5ac716074 | Triage

Sharing

General

Target

3160-38-0x0000000000720000-0x0000000000DB8000-memory.dmp
Size

6.6MB
Sample

241212-18vxrayrev
MD5

428287535a65abfb19aa72d0d09cccbe
SHA1

b21c9562b86c5582a146b40ed27a21631d0ec9c7
SHA256

9c43d91d7f09be47d06a827a86c68acdbf67297f52cbd96fd5e4b1f5ac716074
SHA512

40f8e7748d5412609ab65e2c8bd0c7b7288fd917f6851f6dd5e2768f655c54ef653f0541bcc9c071ec8d58cd494d94e4d51e37ffd03b7e85c67261d6b8d50d62
SSDEEP

98304:oPS2x7fcmFk8Z5czdyo+H5bsEPU6KmsiZ269O:6cz8o+ZbsE8nmFf

Score

10^/10

stealc stok discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

stok

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  3160-38-0x0000000000720000-0x0000000000DB8000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  428287535a65abfb19aa72d0d09cccbe
- SHA1
  
  b21c9562b86c5582a146b40ed27a21631d0ec9c7
- SHA256
  
  9c43d91d7f09be47d06a827a86c68acdbf67297f52cbd96fd5e4b1f5ac716074
- SHA512
  
  40f8e7748d5412609ab65e2c8bd0c7b7288fd917f6851f6dd5e2768f655c54ef653f0541bcc9c071ec8d58cd494d94e4d51e37ffd03b7e85c67261d6b8d50d62
- SSDEEP
  
  98304:oPS2x7fcmFk8Z5czdyo+H5bsEPU6KmsiZ269O:6cz8o+ZbsE8nmFf
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer