stealc | 10a3f988c815bc05fc60c711bc097cbd9ae2043112d954e0206535efd23bbbaa | Triage

Sharing

General

Target

random.exe
Size

2.4MB
Sample

250418-h3w9hswza1
MD5

156934a0b635550255a3841f5dd1e7dd
SHA1

4ed7f488877cc826e635939c9ac650dc332a3dae
SHA256

10a3f988c815bc05fc60c711bc097cbd9ae2043112d954e0206535efd23bbbaa
SHA512

fa2d85fb9f56f1d1a69f7686712713e52c36f252a70e2d2a07d72e94e797a5e96b859c04e780e232603292c7a94eb41c1e41ac1aa3e88523024061bfb33184c9
SSDEEP

49152:57NvQPSk1C70rsKWkYn8P4ozpuCLA9601x3Sq5Q0HOiwShWS:XQPO0Q3kY8P4ozpRR0CaBd

Score

10^/10

stealc suka stealer

Malware Config

Extracted

Family

stealc

Botnet

suka

C2

45.93.20.28

Attributes

url_path
/3d15e67552d448ff.php

rc4.plain

Targets

- Target
  
  random.exe
- Size
  
  2.4MB
- MD5
  
  156934a0b635550255a3841f5dd1e7dd
- SHA1
  
  4ed7f488877cc826e635939c9ac650dc332a3dae
- SHA256
  
  10a3f988c815bc05fc60c711bc097cbd9ae2043112d954e0206535efd23bbbaa
- SHA512
  
  fa2d85fb9f56f1d1a69f7686712713e52c36f252a70e2d2a07d72e94e797a5e96b859c04e780e232603292c7a94eb41c1e41ac1aa3e88523024061bfb33184c9
- SSDEEP
  
  49152:57NvQPSk1C70rsKWkYn8P4ozpuCLA9601x3Sq5Q0HOiwShWS:XQPO0Q3kY8P4ozpRR0CaBd
Score

10^/10

stealc suka stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcsukastealer

behavioral2

stealcsukastealer