stealc | aa375e31057c62dba57ebfb47a33a525f08cb487eac09e1eae0ddbe48a8bb2db | Triage

Sharing

General

Target

2060-3-0x0000000000070000-0x0000000000709000-memory.dmp
Size

6.6MB
Sample

250209-x374cazncp
MD5

a0bc20c918f1b7675b451bb2adf534c1
SHA1

263a8b1f8d7370db3e729163798a36fd651d63d4
SHA256

aa375e31057c62dba57ebfb47a33a525f08cb487eac09e1eae0ddbe48a8bb2db
SHA512

8a8a44ef08b9d5780d77113dfdcd8076785d1f78628514ab5bed970813f7311aee824a5ed07298280efb8b9a4acefaa37b15bba3048d7be4908475eec7529b28
SSDEEP

49152:/L9gY6XC3VIahhwa2a+uSEejMejJWujFHFrsn2+L6kiwCJM0mdiqkRrBiyiBl/:D9gY6XCFIahqLuSjQejQunm6/uaiyul

Score

10^/10

stealc reno discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

reno

C2

http://185.215.113.115

Attributes

url_path
/c4becf79229cb002.php

Targets

- Target
  
  2060-3-0x0000000000070000-0x0000000000709000-memory.dmp
- Size
  
  6.6MB
- MD5
  
  a0bc20c918f1b7675b451bb2adf534c1
- SHA1
  
  263a8b1f8d7370db3e729163798a36fd651d63d4
- SHA256
  
  aa375e31057c62dba57ebfb47a33a525f08cb487eac09e1eae0ddbe48a8bb2db
- SHA512
  
  8a8a44ef08b9d5780d77113dfdcd8076785d1f78628514ab5bed970813f7311aee824a5ed07298280efb8b9a4acefaa37b15bba3048d7be4908475eec7529b28
- SSDEEP
  
  49152:/L9gY6XC3VIahhwa2a+uSEejMejJWujFHFrsn2+L6kiwCJM0mdiqkRrBiyiBl/:D9gY6XCFIahqLuSjQejQunm6/uaiyul
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealcdiscoverystealer