stealc | d22a79f3c53c6397168021e671578a6f953c3b49a1168080413c42bee2e2384a | Triage

Sharing

General

Target

2560-3-0x0000000001240000-0x00000000018D8000-memory.dmp
Size

6.6MB
Sample

241213-bepffatlcx
MD5

0c2319f88a86b7adae23348e79377492
SHA1

8a532d64e61d67279f6427764130c2867e6f7aef
SHA256

d22a79f3c53c6397168021e671578a6f953c3b49a1168080413c42bee2e2384a
SHA512

4c6700957e189a8b734a069a66495781783e38321b1deed378c1505895457aa3f246163cf73979305ad45ad6beef56889e2fc49c41da3ac0cfa789e178378f03
SSDEEP

49152:iqSxkfbKRRIiNLtaN0/ES6KBKWQMXtfC22WnKWP1V4xV0S+h3lTlacCoUKJ:uxkTKXI0tVF6qKWVfL1P1qxV0S+R/sO

Score

10^/10

stealc stok discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

stok

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  2560-3-0x0000000001240000-0x00000000018D8000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  0c2319f88a86b7adae23348e79377492
- SHA1
  
  8a532d64e61d67279f6427764130c2867e6f7aef
- SHA256
  
  d22a79f3c53c6397168021e671578a6f953c3b49a1168080413c42bee2e2384a
- SHA512
  
  4c6700957e189a8b734a069a66495781783e38321b1deed378c1505895457aa3f246163cf73979305ad45ad6beef56889e2fc49c41da3ac0cfa789e178378f03
- SSDEEP
  
  49152:iqSxkfbKRRIiNLtaN0/ES6KBKWQMXtfC22WnKWP1V4xV0S+h3lTlacCoUKJ:uxkTKXI0tVF6qKWVfL1P1qxV0S+R/sO
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer