Overview

overview

10

Static

static

3

Security Score.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Security Score.exe

  • Size

    6.6MB

  • Sample

    240706-3w583azfnf

  • MD5

    4a0e18b9311033f3262dbb1d6f952fd4

  • SHA1

    3031e311aaaeb79253fc38b293d5fea1dd443636

  • SHA256

    d3297c81f787e85f89fbd109cc6e8ed2b63ee1f3c0eb81cacf4f79e7d385045c

  • SHA512

    893463074ca5b00d47f8b90a6ced2f54488319b1c8fbd38e592a9f269e1a53abdc288c4b09242002b4f34ed96c7424d28a40538865d32051151c2161963ab1df

  • SSDEEP

    49152:QIsRjZ2Czf3isUwgsDCL9v3T7EWYA6Cgd3eoCbhBIsXJ+jKAXemaWEFLEZeCRj5D:cBbfMbsGgd3MhL+BDEbCRj1EpaSeMi5

Score
10/10
stealcdefaultspywarestealer

Malware Config

Extracted

Family

stealc

Botnet

default

C2

http://94.228.166.20

Attributes
  • url_path

    /615ffb09a7b55d61.php

Targets

    • Target

      Security Score.exe

    • Size

      6.6MB

    • MD5

      4a0e18b9311033f3262dbb1d6f952fd4

    • SHA1

      3031e311aaaeb79253fc38b293d5fea1dd443636

    • SHA256

      d3297c81f787e85f89fbd109cc6e8ed2b63ee1f3c0eb81cacf4f79e7d385045c

    • SHA512

      893463074ca5b00d47f8b90a6ced2f54488319b1c8fbd38e592a9f269e1a53abdc288c4b09242002b4f34ed96c7424d28a40538865d32051151c2161963ab1df

    • SSDEEP

      49152:QIsRjZ2Czf3isUwgsDCL9v3T7EWYA6Cgd3eoCbhBIsXJ+jKAXemaWEFLEZeCRj5D:cBbfMbsGgd3MhL+BDEbCRj1EpaSeMi5

    Score
    10/10
    stealcdefaultspywarestealer

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks