stealc | 13bb19c9f0787b460a8ba881062d7d90d8e52ffb83bbb71cb25146d3ab4218c9 | Triage

Sharing

General

Target

13bb19c9f0787b460a8ba881062d7d90d8e52ffb83bbb71cb25146d3ab4218c9 (1)
Size

388KB
Sample

241212-qlmmraxmdm
MD5

caeef5a6e0f69a3cad27d16bcec56bbc
SHA1

5318cd10417b7b1c0e414f028b3633164a6e2068
SHA256

13bb19c9f0787b460a8ba881062d7d90d8e52ffb83bbb71cb25146d3ab4218c9
SHA512

cd19ba853b958aaf20759bedf88908fdc4b7ef3a1258117b8b172439f4cc82994d5fb90493b8cdd04d73d368bfede844d020c194192c5e860daf48c126397e5d
SSDEEP

6144:nWLzxPQTBXDHbAhINMYrOzeJ6R/Ch4cjn3Gx:WvxITlDhtceJq1cj4

Score

10^/10

stealc logsdiller1 discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

LogsDiller1

C2

http://45.91.201.185

Attributes

url_path
/e3e098fc1797439d.php

Targets

- Target
  
  13bb19c9f0787b460a8ba881062d7d90d8e52ffb83bbb71cb25146d3ab4218c9 (1)
- Size
  
  388KB
- MD5
  
  caeef5a6e0f69a3cad27d16bcec56bbc
- SHA1
  
  5318cd10417b7b1c0e414f028b3633164a6e2068
- SHA256
  
  13bb19c9f0787b460a8ba881062d7d90d8e52ffb83bbb71cb25146d3ab4218c9
- SHA512
  
  cd19ba853b958aaf20759bedf88908fdc4b7ef3a1258117b8b172439f4cc82994d5fb90493b8cdd04d73d368bfede844d020c194192c5e860daf48c126397e5d
- SSDEEP
  
  6144:nWLzxPQTBXDHbAhINMYrOzeJ6R/Ch4cjn3Gx:WvxITlDhtceJq1cj4
Score

10^/10

stealc logsdiller1 discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealclogsdiller1discoverystealer

behavioral2

stealclogsdiller1discoverystealer