stealc | 9731ae2b1440589051a7f9a21cb43911912c89fd5350788867304159fd12e336 | Triage

Sharing

General

Target

1792-390-0x0000000000D70000-0x000000000140C000-memory.dmp
Size

6.6MB
Sample

241212-svw9nazqhk
MD5

76df1c5be8389209130b344ede7ba8b4
SHA1

e4544ae7b06f8a0157bcf4205dd79e3e57c0602f
SHA256

9731ae2b1440589051a7f9a21cb43911912c89fd5350788867304159fd12e336
SHA512

363ab77e9967d3df027c2987e396ba30fc1a797cc817b6db71062c1074f6c0cb6fda1f6bf98983252e6a49e52a3cc3db53e6ce843c1306c64eed75e2b4dcde93
SSDEEP

49152:fwqI+uVB4ff04Cg3cFnxlH4B2QRCVSrKGuY4+at/SBQ5dgqgkMu2ZFNONxDvQ+:LI+gB4dCg3cFzTQ2Y6ZSi59gttLOl

Score

10^/10

stealc stok discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

stok

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  1792-390-0x0000000000D70000-0x000000000140C000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  76df1c5be8389209130b344ede7ba8b4
- SHA1
  
  e4544ae7b06f8a0157bcf4205dd79e3e57c0602f
- SHA256
  
  9731ae2b1440589051a7f9a21cb43911912c89fd5350788867304159fd12e336
- SHA512
  
  363ab77e9967d3df027c2987e396ba30fc1a797cc817b6db71062c1074f6c0cb6fda1f6bf98983252e6a49e52a3cc3db53e6ce843c1306c64eed75e2b4dcde93
- SSDEEP
  
  49152:fwqI+uVB4ff04Cg3cFnxlH4B2QRCVSrKGuY4+at/SBQ5dgqgkMu2ZFNONxDvQ+:LI+gB4dCg3cFzTQ2Y6ZSi59gttLOl
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer