stealc | d0efc0110b929b24726f12bff40a0d02bc58e3a9ebd8571dc5e963de705ac108 | Triage

Sharing

General

Target

4204-58-0x0000000000D30000-0x0000000001213000-memory.dmp
Size

4.9MB
Sample

241227-rx229awnfr
MD5

cee20320e7dadaded6ce4f9e34ffe87b
SHA1

b8487f6b12d8997932c4a93fb0be260102c9b902
SHA256

d0efc0110b929b24726f12bff40a0d02bc58e3a9ebd8571dc5e963de705ac108
SHA512

87dc7f91ccef6ee1ed286f4f15f634edf82c5085eb80d9361d48082f2bc5e6017ad2e6d9d010639ec9499db26a707f1433da63bb5cabbcf33f6f9496829c541b
SSDEEP

24576:+tvvyHVdSLxfyp6EtuseHTfX7YkcG4fLxaLYPDAwz73/LWGWHe2FwvS0V2Ygq7XM:gvEALgYEzwYfLxhn/a1FayG

Score

10^/10

stealc stok discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

stok

C2

http://185.215.113.206

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  4204-58-0x0000000000D30000-0x0000000001213000-memory.dmp
- Size
  
  4.9MB
- MD5
  
  cee20320e7dadaded6ce4f9e34ffe87b
- SHA1
  
  b8487f6b12d8997932c4a93fb0be260102c9b902
- SHA256
  
  d0efc0110b929b24726f12bff40a0d02bc58e3a9ebd8571dc5e963de705ac108
- SHA512
  
  87dc7f91ccef6ee1ed286f4f15f634edf82c5085eb80d9361d48082f2bc5e6017ad2e6d9d010639ec9499db26a707f1433da63bb5cabbcf33f6f9496829c541b
- SSDEEP
  
  24576:+tvvyHVdSLxfyp6EtuseHTfX7YkcG4fLxaLYPDAwz73/LWGWHe2FwvS0V2Ygq7XM:gvEALgYEzwYfLxhn/a1FayG
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer