stealc | fbb5cee6f3ee4ca8643b64da8d85e2aee256199f009d195d8b776cf0445e4b91 | Triage

Sharing

General

Target

fbb5cee6f3ee4ca8643b64da8d85e2aee256199f009d195d8b776cf0445e4b91
Size

239KB
Sample

241217-xc8xysvja1
MD5

23ad8a022dd0138e14615a93b01d87da
SHA1

8c8d2b1d1c8006410fab2111b56ab55e0d55eb8b
SHA256

fbb5cee6f3ee4ca8643b64da8d85e2aee256199f009d195d8b776cf0445e4b91
SHA512

c1889f29d8813b4853a688900c461a6f45950038387069176fc8950ba44f6c53705a39fdc09dfdd32979cd3f12790898fe505ea3c725f55413b4b3234e545c86
SSDEEP

3072:nLCrbK4vn4p+U1v+N3Bz1IJ8JEchyka7Z7LU/fDzo2fRMJ08:LaGm1U5Y1ICJU117L+DUGqz

Score

10^/10

stealc qqtalk discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

QQtalk

C2

http://154.216.17.90

Attributes

url_path
/a48146f6763ef3af.php

Targets

- Target
  
  fbb5cee6f3ee4ca8643b64da8d85e2aee256199f009d195d8b776cf0445e4b91
- Size
  
  239KB
- MD5
  
  23ad8a022dd0138e14615a93b01d87da
- SHA1
  
  8c8d2b1d1c8006410fab2111b56ab55e0d55eb8b
- SHA256
  
  fbb5cee6f3ee4ca8643b64da8d85e2aee256199f009d195d8b776cf0445e4b91
- SHA512
  
  c1889f29d8813b4853a688900c461a6f45950038387069176fc8950ba44f6c53705a39fdc09dfdd32979cd3f12790898fe505ea3c725f55413b4b3234e545c86
- SSDEEP
  
  3072:nLCrbK4vn4p+U1v+N3Bz1IJ8JEchyka7Z7LU/fDzo2fRMJ08:LaGm1U5Y1ICJU117L+DUGqz
Score

10^/10

stealc qqtalk stealer discovery
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcqqtalkstealer

behavioral2

stealcqqtalkdiscoverystealer