stealc | b525c999f04e7215feb35e5af2efd66bb429b705245db60bf287eed4d97a9091 | Triage

Sharing

General

Target

3016-213-0x0000000000A60000-0x00000000010E4000-memory.dmp
Size

6.5MB
Sample

241216-rmlyaatkbm
MD5

b625f3b1a517a82205ecd24243147bcc
SHA1

e5da984ba9f5bcd18fc984533401654236201898
SHA256

b525c999f04e7215feb35e5af2efd66bb429b705245db60bf287eed4d97a9091
SHA512

dae33ea0b802fc81b0dc51151fe9b4b131e8a72164cb435916d77b34f7b2aa2f4593c02b560a25362e3d5502d6ba091f2a3b680a39cfae5b918a8de5fa182d72
SSDEEP

98304:kc2EB+SlzWvZJdTVkTe5AQJnJNyDvnHGq5MHujf9XFh0U06:TQt+EMPGq5MkNfRR

Score

10^/10

stealc stok discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

stok

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  3016-213-0x0000000000A60000-0x00000000010E4000-memory.dmp
- Size
  
  6.5MB
- MD5
  
  b625f3b1a517a82205ecd24243147bcc
- SHA1
  
  e5da984ba9f5bcd18fc984533401654236201898
- SHA256
  
  b525c999f04e7215feb35e5af2efd66bb429b705245db60bf287eed4d97a9091
- SHA512
  
  dae33ea0b802fc81b0dc51151fe9b4b131e8a72164cb435916d77b34f7b2aa2f4593c02b560a25362e3d5502d6ba091f2a3b680a39cfae5b918a8de5fa182d72
- SSDEEP
  
  98304:kc2EB+SlzWvZJdTVkTe5AQJnJNyDvnHGq5MHujf9XFh0U06:TQt+EMPGq5MkNfRR
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer