stealc | 94215092f8c5b6b91c39458b51665a3cd62c35706ad8c2908d7eb6d74d17702b | Triage

Resubmissions

28-01-2025 02:27

250128-cxhw2svkdn 10

Sharing

General

Target

Setup.exe
Size

98.2MB
Sample

250128-cxhw2svkdn
MD5

c681f05fe3025f3a23833da6e100ba9d
SHA1

7e862b1895561bc3aca9595210276b0f6597636a
SHA256

94215092f8c5b6b91c39458b51665a3cd62c35706ad8c2908d7eb6d74d17702b
SHA512

106d6d41738691fa6fe49ae313bc2d85fa8d7a7dd8283899aa01c6d056053a23d5bf569af601a42c65eca2bdee334af65fd745cfbf26c67b4a1eb6f1fe9158d3
SSDEEP

12288:upjQGbC5X/m4WTfzf2ugUNkYn40lhETt3EqEELHZIQnlT1H:kjLmXRyfTNfNki/ktUqEEL5IO

Score

10^/10

stealc 670052684 discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

670052684

C2

http://178.63.148.7

Attributes

url_path
/875489374a8fad8f.php

Targets

- Target
  
  Setup.exe
- Size
  
  98.2MB
- MD5
  
  c681f05fe3025f3a23833da6e100ba9d
- SHA1
  
  7e862b1895561bc3aca9595210276b0f6597636a
- SHA256
  
  94215092f8c5b6b91c39458b51665a3cd62c35706ad8c2908d7eb6d74d17702b
- SHA512
  
  106d6d41738691fa6fe49ae313bc2d85fa8d7a7dd8283899aa01c6d056053a23d5bf569af601a42c65eca2bdee334af65fd745cfbf26c67b4a1eb6f1fe9158d3
- SSDEEP
  
  12288:upjQGbC5X/m4WTfzf2ugUNkYn40lhETt3EqEELHZIQnlT1H:kjLmXRyfTNfNki/ktUqEEL5IO
Score

10^/10

discovery stealc 670052684 stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealc670052684discoverystealer