stealc | e1b43924c0a7db2cea9a4908b878cae8b7911d4d41a99fca4ec220a7de482aa1 | Triage

Sharing

General

Target

1368-1237-0x00000000000C0000-0x0000000000769000-memory.dmp
Size

6.7MB
Sample

250209-p61jns1qcm
MD5

8c03fac4efff99850fdd115dc20fe7f9
SHA1

6e8c10ac7554d906e809a85905313c2affd5879e
SHA256

e1b43924c0a7db2cea9a4908b878cae8b7911d4d41a99fca4ec220a7de482aa1
SHA512

98926a8fd10e1848b5521de7ea035ba09995462b686e65da62886dff99adb8abd0aa70ef0840a88374034cab11078f5d2f04f2e5de8266f3b106196d6ffdd39f
SSDEEP

98304:BWSrz1xNa5/8ftUgZJLc6rhRePZ7J8X2O63Nxsyq1:BvJLPBRIBXdCx1

Score

10^/10

stealc reno discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

reno

C2

http://185.215.113.115

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  1368-1237-0x00000000000C0000-0x0000000000769000-memory.dmp
- Size
  
  6.7MB
- MD5
  
  8c03fac4efff99850fdd115dc20fe7f9
- SHA1
  
  6e8c10ac7554d906e809a85905313c2affd5879e
- SHA256
  
  e1b43924c0a7db2cea9a4908b878cae8b7911d4d41a99fca4ec220a7de482aa1
- SHA512
  
  98926a8fd10e1848b5521de7ea035ba09995462b686e65da62886dff99adb8abd0aa70ef0840a88374034cab11078f5d2f04f2e5de8266f3b106196d6ffdd39f
- SSDEEP
  
  98304:BWSrz1xNa5/8ftUgZJLc6rhRePZ7J8X2O63Nxsyq1:BvJLPBRIBXdCx1
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer