stealc | 413f106555a4bc9147878a7bec9bd32983da07a8c4d8cd898055f7d83c94137d | Triage

Sharing

General

Target

dosbox.zip
Size

16.5MB
Sample

250420-f2rljaxkx4
MD5

6ec5969d9c1d679a4e016d1f4c12025d
SHA1

dd288b32a3ea5c2c03dc0f7c55a69e1da0242004
SHA256

413f106555a4bc9147878a7bec9bd32983da07a8c4d8cd898055f7d83c94137d
SHA512

26271b6007746bc46f09c02b57238b20f4c2da6f0a1b78e5910802a034b587e8daa14a4aa8fe88d9c00a1260945155052005d030e9a6232d68345dfe3d421411
SSDEEP

393216:98I8UrsYKPsx9UDBxLmYoPQwHw+JEAkBS5J+/8FAX4DN+dVfNG3FZ:GtG94IhHzJcBS7+EqIDN+5o

Score

10^/10

stealc discovery

Malware Config

Targets

- Target
  
  dosbox/CHOICE.EXE
- Size
  
  48KB
- MD5
  
  e8f8b1058775103ac8ba6381345a4a57
- SHA1
  
  e640f1507e4c020cefa4410c8245a99093198a92
- SHA256
  
  4a1b84960ebb5e98f945a1935952633cd805a86b199d2dbcd140d75033636ec7
- SHA512
  
  3f31cdf1edef131777be6d7d5b1e5b83337d42dd99dd4725dd2773fedd2f0f55c55587fe04f897bbad3653ba44116b4fd963c668c369baa148ad2c7f8cfdf741
- SSDEEP
  
  768:PbU07TlijRiNgJ87VzD0zAtd8/OZgevmtIX8Xbg:P4uTlijsNH7V/oEfgxvXE
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  dosbox/DOSBox 0.74 Manual.txt
- Size
  
  61KB
- MD5
  
  28165c1aaceb324ff796d9862b11b37e
- SHA1
  
  50a9b4f9e7a04a26b57dc5503eec638f7a013051
- SHA256
  
  25b1c0bebc166f34487081dc036a433f20640c3f5a145c6b287a2e8eef1395a3
- SHA512
  
  6826a17469f6338cb095592893a58e1ae9b20d1920fcde2cf354bbe81504d2c0317333699a0b3cfce3bf89367dd068e013732171f1e91a2159b27863ae0ecada
- SSDEEP
  
  768:nHDrHava4FcgB4ujuKf+7f4p6dAWchiCxkhS3XxnO0jsHBhwh3s+6Ezje3w:nv8ju7fjdAWcu4BnO04hahsEEw
Score

1^/10
behavioral3 behavioral4
- Target
  
  dosbox/DOSBox 0.74 Options.bat
- Size
  
  107B
- MD5
  
  f6513bd9176d025b1e0b713fdfa70fae
- SHA1
  
  60cba55375fddc388bcb183cabb8b8786e45e6d1
- SHA256
  
  ff7605d991e0dda17221625b732cbad0c10c5a34f93957d148350a0ef4dc78d5
- SHA512
  
  8489ed50aac259f11494a9115191eab190d6bde248d99ec26f10288e6a4c79c0afab42dbcad559fec868a5c2f0a33ea83ab1b43c12a1462ccf2ee950227e309f
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  dosbox/DOSBox.exe
- Size
  
  3.6MB
- MD5
  
  33294e0a8b970b8de45ce446e2add783
- SHA1
  
  c30c133f95547c6d91907c17073945ed93a580e4
- SHA256
  
  e09f78e60b5be25a6af0381b71a90b8aa625f2ea42ecd427638edf2abb7130f0
- SHA512
  
  fdcd70b3ac1af0c7a88fbe1fb1fd91ba7acff23228fde53bae9246b805a69bdd7a7cc84203ac8f9dc366a72e698fe47ed17eeb130f628550e15bd11340ebf621
- SSDEEP
  
  49152:wBuV+Pi+HXGT4RSQR13bK3cFXzF5quE4OyQveR+86yd8cbjABtAQo3SNTdd6YUq:jUiYPSQR13bCcBquE4OyUeR5jAJo3S/
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral7 behavioral8
- Target
  
  dosbox/Documentation/README.txt
- Size
  
  61KB
- MD5
  
  28165c1aaceb324ff796d9862b11b37e
- SHA1
  
  50a9b4f9e7a04a26b57dc5503eec638f7a013051
- SHA256
  
  25b1c0bebc166f34487081dc036a433f20640c3f5a145c6b287a2e8eef1395a3
- SHA512
  
  6826a17469f6338cb095592893a58e1ae9b20d1920fcde2cf354bbe81504d2c0317333699a0b3cfce3bf89367dd068e013732171f1e91a2159b27863ae0ecada
- SSDEEP
  
  768:nHDrHava4FcgB4ujuKf+7f4p6dAWchiCxkhS3XxnO0jsHBhwh3s+6Ezje3w:nv8ju7fjdAWcu4BnO04hahsEEw
Score

1^/10
behavioral10 behavioral9
- Target
  
  dosbox/Reset KeyMapper.bat
- Size
  
  23B
- MD5
  
  723a54699e0bcfb1b7eebae7d89a78e2
- SHA1
  
  3f99e284503365f3c177a58570beaa99595bc930
- SHA256
  
  f494aa928a1d2e8846d1e911a51e90fd49149f612ba001cb5c5a144d5ec271ca
- SHA512
  
  48de7717b32d078d58830629c7e2d7e200e31e767ab9136d5e05bb8085c17589a1b1c763f2288f84d6f9ded44234e2b7b2a33ea8865208a8ddeb30e5a7a0caa5
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  dosbox/Reset Options.bat
- Size
  
  21B
- MD5
  
  029a3bef661b34c3f7c4713544a28da5
- SHA1
  
  b33c6d18defe468bb70b0ed7ad46223303cd7be9
- SHA256
  
  4b340c08696aab9b06742c763b332f43a4de9930177a4c9d240b2ea1a0e5e75d
- SHA512
  
  3bc6d801be82303d60d761deb878cfcaf7d209b216acfb9ec355c420f98711d157f73d1aaf35a00783435d3d9940a780d76802cb128c9be576a03dc523ee7752
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  dosbox/SDL.dll
- Size
  
  437KB
- MD5
  
  52726f9e11c4f2af64033ee17dae1fce
- SHA1
  
  a6f2589a6878e7c3384d9592077900c747232b0d
- SHA256
  
  69037ebc43755296c0cc292d57d560028d7f2265f7b86ca84e714835c19bbd58
- SHA512
  
  e075c07d8dfbe027fc9fa9f8874ec117e2f17ab7683fc8941e4fe5a0b4ed0ee26bc0a8b8ccb0f0a79a1a200220d39b6820a480be720b68091a5550798f93a1ad
- SSDEEP
  
  6144:AEH2f6Zb8uDLeq0vRBaQiiPOFG5dCHiKudo0KmzHSgwhyZwCM:AEH+6ZbhN0ramP7yHLuIoCn
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  dosbox/SDL_net.dll
- Size
  
  13KB
- MD5
  
  7db830b9fb29781f86cec2a1bbfe050c
- SHA1
  
  e8adb7e4821d98bd26062c793288dbf7754f6978
- SHA256
  
  2f39dc04acbecf47efa45034891602b6ea7bf6fd2f27b5c0a5ca8d7fb155c929
- SHA512
  
  e2934aac58377d8a5adf96633b55eea63bf689872409270bbcf98097a36ca772194fa12c2b287bba0a76109ae62c575beac3b1192375c4e06b61640cb9e4a14f
- SSDEEP
  
  192:E8UQFh8UMKd7gvpK3mmg7xluXquc8miU1ebHML0ow1w0c7xGf+u6QmeMqmf/7JCz:E8B/MmJhguaGmioebdoELSdm
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  dosbox/Screenshots & Recordings.bat
- Size
  
  37B
- MD5
  
  49c28d6953fb810692795a8f93e894c5
- SHA1
  
  7051a5d0551303d87e175e44ae84e02d19bcd82a
- SHA256
  
  9b235d133481e85bf12e2ba5bea2aab5e87b54404de1a06c58ff4de1e5ad9560
- SHA512
  
  c7b4220ff7e5529b3108d61c83356ba12d67c65b7707bf259dbf25a0edf76a595bd6e4270dce41353f2938b1058e0cf6b78f92dde7bf4be5ce51e8bc7a16486e
Score

1^/10
behavioral19 behavioral20
- Target
  
  dosbox/Video Codec/zmbv.dll
- Size
  
  92KB
- MD5
  
  19cef6175f9fc9c860351836d9409109
- SHA1
  
  5a1c0660fcaf0ef86202c4c96a57ac0a82554122
- SHA256
  
  be72d291901b4a67741732da3d6dfd87fb3e74c8d03d56d40c58dd4d9744a478
- SHA512
  
  e124f3043c2f2cce5fc0feaec373ac845df8006a33913b375928ea4c70dda19db8cea68f25c6aac4c6d4c09eae9cd4a51ab38a76bc4cde451f5b1f3d49aa4d27
- SSDEEP
  
  1536:3gi0r/biUABzKzjxkQ3so+UnHZIOCFnToIfNlB:3gi0r/3GzKzjS8s2CtTBfNl
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  dosbox/dosbox-debug.exe
- Size
  
  3.7MB
- MD5
  
  e8520041221442ab267c72863606a121
- SHA1
  
  427eb61a35b5bb25eaf7f5d7971b7919d905b7c3
- SHA256
  
  4785166e374f69eccbddc7b1c0459ee98d5108acb8a2505928c8b85d132d7bc0
- SHA512
  
  8f7614d35761a0f29385d185785ba419462ec08aa61032b6ba04e141d4ccbbcf2eaceca288f10a9ac884db7a09d872016556bff081f8eb70ad56e8d26da6cc75
- SSDEEP
  
  98304:EMzC3Y+jKTAi8Ra9SxN1RZmGwQ4tpx2z8voYzvEt1:c3Y+jKTAi8R7mxQmIz8Tu
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral23 behavioral24
- Target
  
  dosbox/dosboxsvn.exe
- Size
  
  3.2MB
- MD5
  
  52fa6b3fcb8fefdca5e8fdc4f81f9e55
- SHA1
  
  b27de4c19500f68eb59cf21918d837cde07dec18
- SHA256
  
  5a916b3ba28678bec5ffb376a9bea60540d331149220fdef22ad7b876b302239
- SHA512
  
  0b86112fbd953c907d15130f6833d3db83cf562559fdfbc63e8f2547fa7572ebf9c20f33cf5881e37f424122c11eb7267aa132ce4b7d2470eaac1cda8321ef3b
- SSDEEP
  
  98304:wkR+HjSc6PqlwOtWRiV8Uwcq7bFQSI2xo19:wbHJdBWRiV8Uw1bOS/
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral25 behavioral26
- Target
  
  dosbox/libpng12.dll
- Size
  
  254KB
- MD5
  
  fdcb0c799bfd1a0567d374853fb04c1e
- SHA1
  
  6469726caf45b8321832b58b9008ac5242d07342
- SHA256
  
  5ef3a04c78162daca388a79cdf51430ab00a11fab6d1f781f7b54713247bac2e
- SHA512
  
  32c453b1d4090cef2bab3819959e718f2e01e4f7861067dbd251067ec86c8e9ffffcd36d6a4aa349356ae763498ced6efba15fcd3970f607c0d434ba432a3a41
- SSDEEP
  
  3072:Ncfo0h2vzsWjWaXEJg6wLqSHEXbiyRgr/FmogipqtIO4zBfA7ZGCiuR3A2PegmQE:68AaXEJ8LqSHbyeQoggqW4ZpA2WD
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  dosbox/svn/3DfxSpl2.dll
- Size
  
  1.1MB
- MD5
  
  08a1b06fe2fee5a1e3b33f1d71b84705
- SHA1
  
  995b3f1a5916a047aa1365afacc292c3be21de62
- SHA256
  
  262c70749ac24b4d3691e39767d3e01b5b4957b9b82768186e5faa58f395ceba
- SHA512
  
  7fa595eb88a452a5bd0de05bfca85f1119ddecec58c377bd1321057f223bf9856382bf7abd2c996c1ccb50e7c28c5b28856b782a77fbf91b2b76a040bc9f38fd
- SSDEEP
  
  12288:hmHPTPzZIibdk3hsCmx0okm1WoCnf1/Hnsp97P7jpD7P74nUpInLpN7P7:s79bdahsbbmdWptpjpAp
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  dosbox/svn/DOCS/Official manuals/README.TXT
- Size
  
  64KB
- MD5
  
  23741f6f9c22bc2a3464edf861e3a2a2
- SHA1
  
  03e3b0d08e31315fc42650ac60d7693e1d7ec4fe
- SHA256
  
  3b29e1e5c3e168e0ba119ebf1b7c96eadbe3a28207cb27d762136088ea13fba8
- SHA512
  
  4aa65c048c06f5cffeac81b1e155c660cf94cca1f973d41e510c4145f5a1af9f45e249e5ef37f9066193b81da5312342fa4effbc7a36278250179a706ecf23ff
- SSDEEP
  
  768:nHfLHYva/hlc+CgTyjucf+7f4p6dA2c1GBuULiCxkhS3XxnO0jsdGh8h3K+6EzZq:nTaju9fjdA2c1GU4BnO04oihOEvQ
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32