stealc | edb35dbc785eb95c331b565181a78e26980e4e70b7733630205bf24095d1bacf | Triage

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
16-12-2024 07:02

Sharing

Report Analysis Logs

General

Target

tretiy.exe
Size

239KB
MD5

ac0c7c7b446033358b09302bd31fc48f
SHA1

d94ba46cd56463959570012ce1bfa3dff470cef5
SHA256

edb35dbc785eb95c331b565181a78e26980e4e70b7733630205bf24095d1bacf
SHA512

d1fee8891a5cb792156083b86f6f60417497056eb5fc896c665f4a4ea3b21c67f8bf3527d5e7e14a711079af0ff5df7304e8338c9d2c3aa6d4b6b6a6098784eb
SSDEEP

3072:aLCrbK4vn4pKkhfGN3JjL/cJ88Rmwa7Z7LUTf7OFe/J08:oaGmZk9IL0BQ517LKxxz

Score

10^/10

stealc voov stealer

Malware Config

Extracted

Family

stealc

Botnet

Voov

C2

http://154.216.17.90

Attributes

url_path
/a48146f6763ef3af.php

Signatures

Stealc
Stealc is an infostealer written in C++.
stealer stealc
Stealc family
stealc

C:\Users\Admin\AppData\Local\Temp\tretiy.exe
"C:\Users\Admin\AppData\Local\Temp\tretiy.exe"
1⤵
PID:1712

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1712-0-0x0000000000310000-0x0000000000560000-memory.dmp

Filesize
2.3MB

Download