stealc | ee84149d1ff1c1b15010bee9f3035252bb549a81ff966254dd6e96805e7d0c64 | Triage

Resubmissions

20/02/2025, 20:08

250220-ywtstatqak 10

Sharing

General

Target

Minecraft_with_the_Conquest_Reforged_mod_pack_+_Bliss_Shaders_2.zip
Size

811KB
Sample

250220-yv16hawjt7
MD5

230914e1c3554d619a487bea42e62c5f
SHA1

43f6b4e9500d6eddf320697db3cc1914366ddd6c
SHA256

ee84149d1ff1c1b15010bee9f3035252bb549a81ff966254dd6e96805e7d0c64
SHA512

bfde6cd2f19443bba3cae8aecea8cdafa6755ca4a9507cd946df3f92cc0537179f35b7aec52f370ad0fe3ed81884dc5bb5fe4492acbe02edf26738ff20fbf517
SSDEEP

24576:GjNyH9ELuDjcoaGOi+2zb0cutehcs6ScM3h:i0H925KzUOcTScM3h

Score

10^/10

stealc 7930926186 discovery stealer

Malware Config

Extracted

Family

stealc

Botnet

7930926186

C2

http://178.63.148.7

Attributes

url_path
/875489374a8fad8f.php

Targets

- Target
  
  ErrorDetails.dll
- Size
  
  481KB
- MD5
  
  38551fbe73a1f20be3119fee6faaf115
- SHA1
  
  d05bf16ebe429a9f10aa8d9bae5a6a99f1332193
- SHA256
  
  d64c9c94820bef8b32156d16e665b7b435e584aeae9fe48f3bfb4afe7ec347be
- SHA512
  
  e7052e99c308c4304e1a0710e020a376a5c8bb18596db0c36ae3c50af98e96d4acc7f73e1c5e3a51a127f009974cb46e697cddd902438330876d3f9c6678f707
- SSDEEP
  
  6144:zz2Pb3F/XAPHzJjC25v/nhh9i8gYtUokCulxMfpbSGePV0qEF1nE7w+Uw3NKR9hf:OPbZXkXv/PtUoH3IGgVbEF14wx8KRF9D
Score

1^/10
behavioral1
- Target
  
  Minecraft with the Conquest Reforged mod pack + Bliss Shaders.exe
- Size
  
  1.7MB
- MD5
  
  e9c19d8c108d7e25268e669c895bd6b1
- SHA1
  
  07111dcbe6414f7078df86132cd0b3653d79ccf8
- SHA256
  
  ee37e7ff9364d35eb4184a808870bfcd89f2df7a14d77399d62891a711786f78
- SHA512
  
  acb70f9288d7a17f358977f4b1bb1629b018d98553e9ff5d9502f09eee70466146896970bbe4ebaf1ec282c8dd1c7602e14badaf64d3abe0ed2cc7a4f22e0c82
- SSDEEP
  
  12288:+lpUimgGl8F/lVfVbcpJLryPKngpEf/zoizswIUKA29+2khHBxnh7MIgAHVSRUdX:SMl8XVZcp5eSxzVzOa29dMHLhvHQRW
Score

10^/10

stealc 7930926186 discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

stealc7930926186discoverystealer