stealc | 3996f3ca9d94d9d6ddb0541a5568a1808b40e4045624b5b9c7f006f0eb7f0705 | Triage

Sharing

General

Target

2732-20-0x0000000000250000-0x00000000008E1000-memory.dmp
Size

6.6MB
Sample

250209-wby6paylax
MD5

3e4ccc35c847178480b8f29edc05ea20
SHA1

9cc0b0079cc1991643caed2da83c9ed7445564c1
SHA256

3996f3ca9d94d9d6ddb0541a5568a1808b40e4045624b5b9c7f006f0eb7f0705
SHA512

c4efc661eb4dee90cd68641fa87579e24085aa8681b1e6e3826d0bc20c9bee6d5801b896d1dc39f3c1e1681a6b1a87e3d9efbca8525455757e6041eefc3dfecc
SSDEEP

98304:Sz/7lkDjK6R3gK3Ka+wm5REa0lp2JJH7+aP7:9yUKRRH0lp2JtjD

Score

10^/10

stealc reno discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

reno

C2

http://185.215.113.115

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  2732-20-0x0000000000250000-0x00000000008E1000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  3e4ccc35c847178480b8f29edc05ea20
- SHA1
  
  9cc0b0079cc1991643caed2da83c9ed7445564c1
- SHA256
  
  3996f3ca9d94d9d6ddb0541a5568a1808b40e4045624b5b9c7f006f0eb7f0705
- SHA512
  
  c4efc661eb4dee90cd68641fa87579e24085aa8681b1e6e3826d0bc20c9bee6d5801b896d1dc39f3c1e1681a6b1a87e3d9efbca8525455757e6041eefc3dfecc
- SSDEEP
  
  98304:Sz/7lkDjK6R3gK3Ka+wm5REa0lp2JJH7+aP7:9yUKRRH0lp2JtjD
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer