stealc | 965089245651accd26b2b1867f70efc9e3de47a4dfe8791247b04d6b9e0e9b32 | Triage

Sharing

General

Target

888-47-0x0000000000E70000-0x000000000136B000-memory.dmp
Size

5.0MB
Sample

241227-n9k3qavner
MD5

1125f8b070634b2d8bc25b4d744ef9a3
SHA1

208bf8c580826ec2b5780dbb436ac689c524ca43
SHA256

965089245651accd26b2b1867f70efc9e3de47a4dfe8791247b04d6b9e0e9b32
SHA512

b937888963a6553ce735c435054c39badfb7c93bc63d09e501d6b73cc72ad205622066f22c5ef7af4ecd2999a39777d61cdc8bac77f7696484a20ed3efe5a9e6
SSDEEP

49152:9VCe0qJm465b0VHmfU7GhXcdBn+VgEgaXRSK:6e0q44MQ5OUqhXuid9j

Score

10^/10

stealc stok discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

stok

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  888-47-0x0000000000E70000-0x000000000136B000-memory.dmp
- Size
  
  5.0MB
- MD5
  
  1125f8b070634b2d8bc25b4d744ef9a3
- SHA1
  
  208bf8c580826ec2b5780dbb436ac689c524ca43
- SHA256
  
  965089245651accd26b2b1867f70efc9e3de47a4dfe8791247b04d6b9e0e9b32
- SHA512
  
  b937888963a6553ce735c435054c39badfb7c93bc63d09e501d6b73cc72ad205622066f22c5ef7af4ecd2999a39777d61cdc8bac77f7696484a20ed3efe5a9e6
- SSDEEP
  
  49152:9VCe0qJm465b0VHmfU7GhXcdBn+VgEgaXRSK:6e0q44MQ5OUqhXuid9j
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer