stealc | 00bb7850e80e07facb1d30a0d41b271469905a2b856eb80d1d34bdff21130985 | Triage

Submit
Reports

Overview

overview

Static

static

3

00bb7850e8...85.exe

windows7-x64

00bb7850e8...85.exe

windows10-2004-x64

Sharing

General

Target

00bb7850e80e07facb1d30a0d41b271469905a2b856eb80d1d34bdff21130985.exe
Size

14.7MB
Sample

240702-bcw3hathpk
MD5

4bfe7a656d28f578ca10aba4c225ff41
SHA1

abbff97043065c3ad54d826b2999f84d4a013b1e
SHA256

00bb7850e80e07facb1d30a0d41b271469905a2b856eb80d1d34bdff21130985
SHA512

a155b61fb2963407b39cf0b5f38b40f9e95f6525896fc84ffce2ccd69e2f335cf6f3592d19c1993492457797ca4457a73a608d7890f4bbad06f12e8191a16fc8
SSDEEP

393216:NqGKs44oI6PGP00RnLZx0qdu2GZJwlKZrOk3Qz:Nq1sXoI6PGP08LZ3svE1z

Score

10^/10

stealc 123reborn discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

00bb7850e80e07facb1d30a0d41b271469905a2b856eb80d1d34bdff21130985.exe

Resource

win7-20240508-en

stealc 123reborn stealer

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

00bb7850e80e07facb1d30a0d41b271469905a2b856eb80d1d34bdff21130985.exe

Resource

win10v2004-20240508-en

stealc 123reborn discovery stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

stealc

Botnet

123Reborn

C2

http://147.45.78.162

Attributes

url_path
/a17861b9cb6f1a53.php

Targets

- Target
  
  00bb7850e80e07facb1d30a0d41b271469905a2b856eb80d1d34bdff21130985.exe
- Size
  
  14.7MB
- MD5
  
  4bfe7a656d28f578ca10aba4c225ff41
- SHA1
  
  abbff97043065c3ad54d826b2999f84d4a013b1e
- SHA256
  
  00bb7850e80e07facb1d30a0d41b271469905a2b856eb80d1d34bdff21130985
- SHA512
  
  a155b61fb2963407b39cf0b5f38b40f9e95f6525896fc84ffce2ccd69e2f335cf6f3592d19c1993492457797ca4457a73a608d7890f4bbad06f12e8191a16fc8
- SSDEEP
  
  393216:NqGKs44oI6PGP00RnLZx0qdu2GZJwlKZrOk3Qz:Nq1sXoI6PGP08LZ3svE1z
Score

10^/10

stealc 123reborn stealer discovery
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

stealc123rebornstealer

behavioral2

stealc123reborndiscoverystealer

© 2018-2024

Terms | Privacy