stealc | cb2325d6716cc4fbb15de859a31043d8f124bb197b92d21eaa3a64e790cddb57 | Triage

Sharing

General

Target

random.exe
Size

2.4MB
Sample

250418-w51lls1xbx
MD5

1c40a602091591056d9aef16abb5d3a2
SHA1

bec41d2b37ca2438d4480a9c79b618c78e82576e
SHA256

cb2325d6716cc4fbb15de859a31043d8f124bb197b92d21eaa3a64e790cddb57
SHA512

b1026cf8606742c1699cbcbcf2a4f3ec47a0f54dd0e2b08647585233ee5e5f4deef9a096d2372b2e30aee58866a6c9ecbb51bf1cf77f78028d9cafa80247068e
SSDEEP

49152:fKCeZ1CDRAidWIHBRNcYzYlbko6b+VyzGRJzfxZpOgSSO9ZG:fpRFjhzBzYlbk9CVy+zJZpOFDZ

Score

10^/10

stealc suka stealer

Malware Config

Extracted

Family

stealc

Botnet

suka

C2

45.93.20.28

Attributes

url_path
/3d15e67552d448ff.php

rc4.plain

Targets

- Target
  
  random.exe
- Size
  
  2.4MB
- MD5
  
  1c40a602091591056d9aef16abb5d3a2
- SHA1
  
  bec41d2b37ca2438d4480a9c79b618c78e82576e
- SHA256
  
  cb2325d6716cc4fbb15de859a31043d8f124bb197b92d21eaa3a64e790cddb57
- SHA512
  
  b1026cf8606742c1699cbcbcf2a4f3ec47a0f54dd0e2b08647585233ee5e5f4deef9a096d2372b2e30aee58866a6c9ecbb51bf1cf77f78028d9cafa80247068e
- SSDEEP
  
  49152:fKCeZ1CDRAidWIHBRNcYzYlbko6b+VyzGRJzfxZpOgSSO9ZG:fpRFjhzBzYlbk9CVy+zJZpOFDZ
Score

10^/10

stealc suka stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcsukastealer

behavioral2

stealcsukastealer