stealc | 1236-54-0x0000000002510000-0x0000000002738000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1236-54-0x0000000002510000-0x0000000002738000-memory.dmp
Size

2.2MB
MD5

d98763bcceaeb6aafa120f40d13132ca
SHA1

64f183dc70330e52059c46579ef53a93e735d2d4
SHA256

eaae07e2e3912017b78ab828b1d1610051ce943ef4479d9b0e3cb8e7f18b87d3
SHA512

a938c835d1e2c98544d32d85c40e4424b2f91b2af118c32299434288f48a4c989ee4f73b4f546705e21b4cd7545880102c6ba09369048515676b621d70de5657
SSDEEP

24576:2DpJ1VmAFL+2U7aPnjCDcmvCirp2bp+NBZInkw5ZrRIljm/M6BMfPplx:2

Score

10^/10

stealer stealc

Malware Config

Signatures

Detects Stealc stealer 1 IoCs

resource	yara_rule
sample	family_stealc

Stealc family
stealc

Files

1236-54-0x0000000002510000-0x0000000002738000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ