stealc | a5a5de7295a8a702f394d9cdacfbd5b0278e4caff0c31748d248d3976cf4febb | Triage

Submit
Reports

Overview

overview

Static

static

5032-110-0...ry.exe

windows7-x64

5032-110-0...ry.exe

windows10-2004-x64

Sharing

General

Target

5032-110-0x0000000000A60000-0x000000000166B000-memory.dmp
Size

12.0MB
Sample

240701-lep23stdpg
MD5

058a2e86ad57cebfbb75eef8c3823062
SHA1

c388a56fdfc9e098ac2a0f21ddbc6b30caaf5f35
SHA256

a5a5de7295a8a702f394d9cdacfbd5b0278e4caff0c31748d248d3976cf4febb
SHA512

bddbd553322da5594c6480c2eff44861712ac6b949922ef60843ffd2fd9dfaa63c655eb58658d28587b1283cc15733de3c1d67961d1b9c6521ffdb3480480cb4
SSDEEP

98304:9BhlSvC/n6a/8hGDRw4kP38+qy1wkxscOS8E3eBZ5smCDWbm:9PlY3wMKyzuBZ5s6m

Score

10^/10

stealc default stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5032-110-0x0000000000A60000-0x000000000166B000-memory.exe

Resource

win7-20240220-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

5032-110-0x0000000000A60000-0x000000000166B000-memory.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

stealc

Botnet

default

C2

http://85.28.47.4

Attributes

url_path
/920475a59bac849d.php

Targets

- Target
  
  5032-110-0x0000000000A60000-0x000000000166B000-memory.dmp
- Size
  
  12.0MB
- MD5
  
  058a2e86ad57cebfbb75eef8c3823062
- SHA1
  
  c388a56fdfc9e098ac2a0f21ddbc6b30caaf5f35
- SHA256
  
  a5a5de7295a8a702f394d9cdacfbd5b0278e4caff0c31748d248d3976cf4febb
- SHA512
  
  bddbd553322da5594c6480c2eff44861712ac6b949922ef60843ffd2fd9dfaa63c655eb58658d28587b1283cc15733de3c1d67961d1b9c6521ffdb3480480cb4
- SSDEEP
  
  98304:9BhlSvC/n6a/8hGDRw4kP38+qy1wkxscOS8E3eBZ5smCDWbm:9PlY3wMKyzuBZ5s6m
Score

10^/10

stealc stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy