stealc | 6037d6e0d87c675c64f4cda11e2ebf91ae62835a8306005fba28ac3773e81275 | Triage

Sharing

General

Target

SecuriteInfo.com.Win64.MalwareX-gen.1919.22629.exe
Size

2.4MB
Sample

250420-mh85sssvct
MD5

db2111a16754c3fc229d136f2a5e246d
SHA1

58d2ddc44981a7b833a3059b263038484c7f7800
SHA256

6037d6e0d87c675c64f4cda11e2ebf91ae62835a8306005fba28ac3773e81275
SHA512

02a37c06f9b55a032cd980e42d0c2f7d6376d4aaa00007e47e05f241c0ed19518bac29e2cc21cae5bb28cf132bf58a07b40bbb9b266011e5ed29c4f968200eff
SSDEEP

49152:gocHViZj3uJxQh4YrxQGaA7u59j4kt5iRaewAfOhN7fZx:7cieAfxQG1Ri5iRwAfy

Score

10^/10

stealc suka stealer

Malware Config

Extracted

Family

stealc

Botnet

suka

C2

45.93.20.28

Attributes

url_path
/3d15e67552d448ff.php

rc4.plain

Targets

- Target
  
  SecuriteInfo.com.Win64.MalwareX-gen.1919.22629.exe
- Size
  
  2.4MB
- MD5
  
  db2111a16754c3fc229d136f2a5e246d
- SHA1
  
  58d2ddc44981a7b833a3059b263038484c7f7800
- SHA256
  
  6037d6e0d87c675c64f4cda11e2ebf91ae62835a8306005fba28ac3773e81275
- SHA512
  
  02a37c06f9b55a032cd980e42d0c2f7d6376d4aaa00007e47e05f241c0ed19518bac29e2cc21cae5bb28cf132bf58a07b40bbb9b266011e5ed29c4f968200eff
- SSDEEP
  
  49152:gocHViZj3uJxQh4YrxQGaA7u59j4kt5iRaewAfOhN7fZx:7cieAfxQG1Ri5iRwAfy
Score

10^/10

stealc suka stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Stealc family
  stealc
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcsukastealer

behavioral2

stealcsukastealer