stealc | d465ab0a133f43a7db91ad9b46aa8500090d7363664f88f9c177b2ae99d6e60e | Triage

Resubmissions

11-01-2025 16:46

250111-vae6rawnhn 1

11-01-2025 16:22

250111-tt757stjg1 10

Sharing

General

Target

d465ab0a133f43a7db91ad9b46aa8500090d7363664f88f9c177b2ae99d6e60eN.exe
Size

1.5MB
Sample

250111-tt757stjg1
MD5

18acc23bd37091a08578776f9eef7420
SHA1

edf963ebe9db755602ac4b8b0f6082d0dd8c1b44
SHA256

d465ab0a133f43a7db91ad9b46aa8500090d7363664f88f9c177b2ae99d6e60e
SHA512

a19f6ef993db1557aedf1b40a9691796d338a5f21fef6a3174241409bd0559b57cd629504a74e6d4556d937d0a379ee114671e2ba33cc59982f0b0cd1b89198e
SSDEEP

12288:2sAXPJwPMBh/wARJIc7f9T4uy0ViUccjm1ESmk7feoP83HEO:6XPJf7zI6f9TcEccjm16k6oEXt

Score

10^/10

stealc default discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

default

C2

http://46.8.231.109

Attributes

url_path
/c4754d4f680ead72.php

Targets

- Target
  
  d465ab0a133f43a7db91ad9b46aa8500090d7363664f88f9c177b2ae99d6e60eN.exe
- Size
  
  1.5MB
- MD5
  
  18acc23bd37091a08578776f9eef7420
- SHA1
  
  edf963ebe9db755602ac4b8b0f6082d0dd8c1b44
- SHA256
  
  d465ab0a133f43a7db91ad9b46aa8500090d7363664f88f9c177b2ae99d6e60e
- SHA512
  
  a19f6ef993db1557aedf1b40a9691796d338a5f21fef6a3174241409bd0559b57cd629504a74e6d4556d937d0a379ee114671e2ba33cc59982f0b0cd1b89198e
- SSDEEP
  
  12288:2sAXPJwPMBh/wARJIc7f9T4uy0ViUccjm1ESmk7feoP83HEO:6XPJf7zI6f9TcEccjm16k6oEXt
Score

10^/10

stealc default discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdefaultdiscoverystealer

behavioral2

stealcdefaultdiscoverystealer