stealc | 816d2b262c51bf913222b3cc268b4edcecd0f219ca6923af0cd51a581227d4ed | Triage

Sharing

General

Target

3048-28-0x00000000001E0000-0x0000000000875000-memory.dmp
Size

6.6MB
Sample

241216-r1x8gatnam
MD5

ea460b85083d062e4d4282165dd962ba
SHA1

61f8226b3367e969a9751cfed17550ad962a9545
SHA256

816d2b262c51bf913222b3cc268b4edcecd0f219ca6923af0cd51a581227d4ed
SHA512

5b024f7b16d27767b1a92b909ee39a795ddcb70dc83d53043991073d9a7c56314532263f8b192113b37b46ea74962932375b8bd3e001de4ec115451b4fed2419
SSDEEP

98304:mT6QBfFi9IfVwKbcDJ/kxByEpAYASdPyRGGkBfoFaE9P:QhgDJ/kjTASdqRZaE

Score

10^/10

stealc stok discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

stok

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  3048-28-0x00000000001E0000-0x0000000000875000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  ea460b85083d062e4d4282165dd962ba
- SHA1
  
  61f8226b3367e969a9751cfed17550ad962a9545
- SHA256
  
  816d2b262c51bf913222b3cc268b4edcecd0f219ca6923af0cd51a581227d4ed
- SHA512
  
  5b024f7b16d27767b1a92b909ee39a795ddcb70dc83d53043991073d9a7c56314532263f8b192113b37b46ea74962932375b8bd3e001de4ec115451b4fed2419
- SSDEEP
  
  98304:mT6QBfFi9IfVwKbcDJ/kxByEpAYASdPyRGGkBfoFaE9P:QhgDJ/kjTASdqRZaE
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer