stealc | ecb9c37d1d958627342f8f26d48ea98a7aa5eb7fe0496d27bbdf89749bed6a13 | Triage

Sharing

General

Target

ecb9c37d1d958627342f8f26d48ea98a7aa5eb7fe0496d27bbdf89749bed6a13
Size

6.6MB
MD5

404f05e59d9765577df56e0df42480fa
SHA1

819a37b15dc64beb1838d73a101003758b4eae9a
SHA256

ecb9c37d1d958627342f8f26d48ea98a7aa5eb7fe0496d27bbdf89749bed6a13
SHA512

c49f896dd0ba10d073fd158110da7e1ec427d4b8586783ad5e95e2500f2517aef5f46394b911024a3e562b029654c3f1384a70e6a881c28614928ab0a026c6a7
SSDEEP

3072:z6/I0PLf/wVX+0yv2Xf293Pv0RhIfGGzBs0J57jse/v+Q98Xeyyibb:O/TfK+0yPx0Rh0XNHfjhvzqgO

Score

10^/10

stealc

Malware Config

Signatures

Stealc family
stealc

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecb9c37d1d958627342f8f26d48ea98a7aa5eb7fe0496d27bbdf89749bed6a13

Files

ecb9c37d1d958627342f8f26d48ea98a7aa5eb7fe0496d27bbdf89749bed6a13
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 90KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zuoxpqbc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qhncjoqv
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE