stealc | de9b5b01ea203876726ce494a45f861c4b12b10cf2d08ad21764165a51d3b7f3 | Triage

Sharing

General

Target

2380-3-0x0000000000980000-0x0000000001017000-memory.dmp
Size

6.6MB
Sample

241212-qkhbmsxmak
MD5

94cc14a782cbde88f296beb40c9f5a2f
SHA1

7f754fc0a6f7130072bce4753362c839e28fabb4
SHA256

de9b5b01ea203876726ce494a45f861c4b12b10cf2d08ad21764165a51d3b7f3
SHA512

b4f8f9205199be3d11a6f02d11d4f5d69d9d9671aae38b13cc0701b16eed3be728045d223e4246d61c34cf323d075b4e9fa2be5b232b59ef0b6244a05e0f3fbe
SSDEEP

98304:VhyaGXM5KWGjVq7VD0n2fnMpMXXUpBEv2O3Cuxj2g:dbxV4n20pCXUpBEv2O37j2g

Score

10^/10

stealc stok discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

stok

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  2380-3-0x0000000000980000-0x0000000001017000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  94cc14a782cbde88f296beb40c9f5a2f
- SHA1
  
  7f754fc0a6f7130072bce4753362c839e28fabb4
- SHA256
  
  de9b5b01ea203876726ce494a45f861c4b12b10cf2d08ad21764165a51d3b7f3
- SHA512
  
  b4f8f9205199be3d11a6f02d11d4f5d69d9d9671aae38b13cc0701b16eed3be728045d223e4246d61c34cf323d075b4e9fa2be5b232b59ef0b6244a05e0f3fbe
- SSDEEP
  
  98304:VhyaGXM5KWGjVq7VD0n2fnMpMXXUpBEv2O3Cuxj2g:dbxV4n20pCXUpBEv2O37j2g
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer