stealc | 67d6f26ee81443d99b9c08ebae36a007776dd1f87ddd9b5396c52d78efa4f38f | Triage

Sharing

General

Target

940-79-0x0000000000AA0000-0x0000000001126000-memory.dmp
Size

6.5MB
Sample

250209-vdkkmsxmbw
MD5

f396cd06a4343aa9e8570ff8d644e1d9
SHA1

8a8c8d053fc8c2f1442ae709cc9d52b80772aaa7
SHA256

67d6f26ee81443d99b9c08ebae36a007776dd1f87ddd9b5396c52d78efa4f38f
SHA512

f602a3c66f98e3eb918e0eadaacfbc64e9a628cc2022699a801cce9ebdf503a8e113f2d666b1dcb0885c0e2fd64f93148c0192a0febca91306b80a3cead1e0a4
SSDEEP

49152:e3P4HA6izrGA8NkhwNJHQHmgtl3rvkCmi3XFynWWH/V7cy2kHJi58DpopX7:OAHA6izrGA8nNJH87mUu5/V1fUaG

Score

10^/10

stealc reno discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

reno

C2

http://185.215.113.115

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  940-79-0x0000000000AA0000-0x0000000001126000-memory.dmp
- Size
  
  6.5MB
- MD5
  
  f396cd06a4343aa9e8570ff8d644e1d9
- SHA1
  
  8a8c8d053fc8c2f1442ae709cc9d52b80772aaa7
- SHA256
  
  67d6f26ee81443d99b9c08ebae36a007776dd1f87ddd9b5396c52d78efa4f38f
- SHA512
  
  f602a3c66f98e3eb918e0eadaacfbc64e9a628cc2022699a801cce9ebdf503a8e113f2d666b1dcb0885c0e2fd64f93148c0192a0febca91306b80a3cead1e0a4
- SSDEEP
  
  49152:e3P4HA6izrGA8NkhwNJHQHmgtl3rvkCmi3XFynWWH/V7cy2kHJi58DpopX7:OAHA6izrGA8nNJH87mUu5/V1fUaG
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer