stealc | e666c61f3eef5b7c2ed85ecb6e3baea9d093c40516c02e8ec878ada88c914fc8 | Triage

Sharing

General

Target

random.exe
Size

2.4MB
Sample

250418-wdcqgazxh1
MD5

86b8e89a006fc904c6cedf894d4b327f
SHA1

da1cff6996910623b3c0a934ced0603443898075
SHA256

e666c61f3eef5b7c2ed85ecb6e3baea9d093c40516c02e8ec878ada88c914fc8
SHA512

a5274d29f3050b9c186413fd53eaf70428a26cf48ad9ca3071db1017613a5c9efe436759173ac5020b831f9e8c3e2092750c69baea59c4f7a836c708d5c1ff39
SSDEEP

49152:4SphBr/OVKj2qsDa331GAsL8HmVhmhJUz4iIyFA65MSPGHph2DX8Wco:4OFOYj2qsD0AMu4UMiICAO2pEDX8ro

Score

10^/10

stealc suka stealer

Malware Config

Extracted

Family

stealc

Botnet

suka

C2

45.93.20.28

Attributes

url_path
/3d15e67552d448ff.php

rc4.plain

Targets

- Target
  
  random.exe
- Size
  
  2.4MB
- MD5
  
  86b8e89a006fc904c6cedf894d4b327f
- SHA1
  
  da1cff6996910623b3c0a934ced0603443898075
- SHA256
  
  e666c61f3eef5b7c2ed85ecb6e3baea9d093c40516c02e8ec878ada88c914fc8
- SHA512
  
  a5274d29f3050b9c186413fd53eaf70428a26cf48ad9ca3071db1017613a5c9efe436759173ac5020b831f9e8c3e2092750c69baea59c4f7a836c708d5c1ff39
- SSDEEP
  
  49152:4SphBr/OVKj2qsDa331GAsL8HmVhmhJUz4iIyFA65MSPGHph2DX8Wco:4OFOYj2qsD0AMu4UMiICAO2pEDX8ro
Score

10^/10

stealc suka stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcsukastealer

behavioral2

stealcsukastealer