stealc | ef00e18c2bd179b4ab6662969dd060d346dfbd2da5d1786c511827383c5e8da4 | Triage

Sharing

General

Target

random.exe
Size

2.4MB
Sample

250418-w5175s1xb1
MD5

a437922f28c4b19e05144cc5c333c633
SHA1

0478c4e50dd12789523b1fb99e02ee576f05fc81
SHA256

ef00e18c2bd179b4ab6662969dd060d346dfbd2da5d1786c511827383c5e8da4
SHA512

6ed886d6322cb1cd2fda7c906cd9d4f8ddb4c83dd7195279095cfbd31625412ac4ba9b00d5d18f61c33de2fdcf9a9f9e9ebe9740b4954eea22f60e88659a5b76
SSDEEP

49152:FQmGzmT/4vcE/u+8qBAMXuWJeOxe1ewo9FaIqm0NrV7o5/9nk:Ox9b06e1eTbn++5lk

Score

10^/10

stealc suka stealer

Malware Config

Extracted

Family

stealc

Botnet

suka

C2

45.93.20.28

Attributes

url_path
/3d15e67552d448ff.php

rc4.plain

Targets

- Target
  
  random.exe
- Size
  
  2.4MB
- MD5
  
  a437922f28c4b19e05144cc5c333c633
- SHA1
  
  0478c4e50dd12789523b1fb99e02ee576f05fc81
- SHA256
  
  ef00e18c2bd179b4ab6662969dd060d346dfbd2da5d1786c511827383c5e8da4
- SHA512
  
  6ed886d6322cb1cd2fda7c906cd9d4f8ddb4c83dd7195279095cfbd31625412ac4ba9b00d5d18f61c33de2fdcf9a9f9e9ebe9740b4954eea22f60e88659a5b76
- SSDEEP
  
  49152:FQmGzmT/4vcE/u+8qBAMXuWJeOxe1ewo9FaIqm0NrV7o5/9nk:Ox9b06e1eTbn++5lk
Score

10^/10

stealc suka stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcsukastealer

behavioral2

stealcsukastealer