General
-
Target
bfa7a505e80c6729f6c3259f5a17fd32a3c48a54c49330fd21adda4bf7a93238
-
Size
2.4MB
-
Sample
240630-psby6a1dpl
-
MD5
102aa72dbd8fd873b3ac34eb95563b03
-
SHA1
6117b69f7aa1fecf3e01be7ae3716080f4e0c861
-
SHA256
bfa7a505e80c6729f6c3259f5a17fd32a3c48a54c49330fd21adda4bf7a93238
-
SHA512
b117022a0da5ae0f0873a13e6f63bed840da8258e5839bffdd2be9e5a465edf7f412e95e9ee62dc052c9ee25a08007e1414ab9e6f4ce5590f747974cc5d76714
-
SSDEEP
49152:gFqD7FhtNOPJ33t+8T9z56I/xxPIdf5ou/f/QNnxHzAh2IG9BYhUdXayxbcI:xFhOPZ9+kF5hkdR5/XQNK0IG9BYhUMg
Malware Config
Extracted
stealc
default
http://85.28.47.4
-
url_path
/920475a59bac849d.php
Targets
-
-
Target
bfa7a505e80c6729f6c3259f5a17fd32a3c48a54c49330fd21adda4bf7a93238
-
Size
2.4MB
-
MD5
102aa72dbd8fd873b3ac34eb95563b03
-
SHA1
6117b69f7aa1fecf3e01be7ae3716080f4e0c861
-
SHA256
bfa7a505e80c6729f6c3259f5a17fd32a3c48a54c49330fd21adda4bf7a93238
-
SHA512
b117022a0da5ae0f0873a13e6f63bed840da8258e5839bffdd2be9e5a465edf7f412e95e9ee62dc052c9ee25a08007e1414ab9e6f4ce5590f747974cc5d76714
-
SSDEEP
49152:gFqD7FhtNOPJ33t+8T9z56I/xxPIdf5ou/f/QNnxHzAh2IG9BYhUdXayxbcI:xFhOPZ9+kF5hkdR5/XQNK0IG9BYhUMg
Score10/10-
Stealc
Stealc is an infostealer written in C++.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-