stealc | 187ad14290e3af9901a8fc441dfa6bd8688880a3e5f13ea9de527ca3750cb57c | Triage

Sharing

General

Target

187ad14290e3af9901a8fc441dfa6bd8688880a3e5f13ea9de527ca3750cb57cN.exe
Size

526KB
Sample

250111-xv7slswph1
MD5

34543322b8450695040f3e7d6e347860
SHA1

76466ec099dd848a8147ade4d947273e90519b67
SHA256

187ad14290e3af9901a8fc441dfa6bd8688880a3e5f13ea9de527ca3750cb57c
SHA512

027bed796298001cdd470b436a1b8bade8bd831b7378cdd2ea35bf7191ae9c6e4a5476104353ce1585b114a8502761a01b98eefe33d6ed74ff977174dcd544e6
SSDEEP

12288:9O/YQnxaez5JNiS8J7nrL7kT8ilsVW83tEO:MXnwez5t8JfLM8J9t

Score

10^/10

stealc default discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

default

C2

http://46.8.231.109

Attributes

url_path
/c4754d4f680ead72.php

Targets

- Target
  
  187ad14290e3af9901a8fc441dfa6bd8688880a3e5f13ea9de527ca3750cb57cN.exe
- Size
  
  526KB
- MD5
  
  34543322b8450695040f3e7d6e347860
- SHA1
  
  76466ec099dd848a8147ade4d947273e90519b67
- SHA256
  
  187ad14290e3af9901a8fc441dfa6bd8688880a3e5f13ea9de527ca3750cb57c
- SHA512
  
  027bed796298001cdd470b436a1b8bade8bd831b7378cdd2ea35bf7191ae9c6e4a5476104353ce1585b114a8502761a01b98eefe33d6ed74ff977174dcd544e6
- SSDEEP
  
  12288:9O/YQnxaez5JNiS8J7nrL7kT8ilsVW83tEO:MXnwez5t8JfLM8J9t
Score

10^/10

stealc default discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdefaultdiscoverystealer

behavioral2

stealcdefaultdiscoverystealer