stealc | 07ed8013e57a60bb3477b3e98962683af69f40d379bd7f6478f24bc2d7e6b8e1 | Triage

Sharing

General

Target

4636-595-0x0000000000EB0000-0x0000000001544000-memory.dmp
Size

6.6MB
Sample

241212-l8cnva1jd1
MD5

d559f8423c96173cc41e4d078655519a
SHA1

966952c7dbd7ad717724e4094f971875e06d7f63
SHA256

07ed8013e57a60bb3477b3e98962683af69f40d379bd7f6478f24bc2d7e6b8e1
SHA512

05b404ba0c97b39caa8fa17f31f7cd4064754486266bcf99649726d90caa6766fb42115e12c784ad78fbd336e060c7ed817feb1eae70abba7fa2b8c0bf268f00
SSDEEP

49152:fSlHtOGIGKuEDnMZoGEZxFWBXs5JdGJjoYF50dkdLyWO4syMO:IHoGIGKujZoGE7FGaGpbuwLWW

Score

10^/10

stealc stok discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

stok

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  4636-595-0x0000000000EB0000-0x0000000001544000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  d559f8423c96173cc41e4d078655519a
- SHA1
  
  966952c7dbd7ad717724e4094f971875e06d7f63
- SHA256
  
  07ed8013e57a60bb3477b3e98962683af69f40d379bd7f6478f24bc2d7e6b8e1
- SHA512
  
  05b404ba0c97b39caa8fa17f31f7cd4064754486266bcf99649726d90caa6766fb42115e12c784ad78fbd336e060c7ed817feb1eae70abba7fa2b8c0bf268f00
- SSDEEP
  
  49152:fSlHtOGIGKuEDnMZoGEZxFWBXs5JdGJjoYF50dkdLyWO4syMO:IHoGIGKujZoGE7FGaGpbuwLWW
Score

10^/10

stealc stealer discovery
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer