General

  • Target

    1484-97-0x0000000000400000-0x000000000068D000-memory.dmp

  • Size

    2.6MB

  • MD5

    6a36c4b9e3a55d878179203fbd262892

  • SHA1

    93e20975c6c061b7dbfce16d6b83178b9973f546

  • SHA256

    4a49a0c5112be2b982d2b766e77331e881541270287bb3a7a3cb7e23ecda4bb8

  • SHA512

    e17381eed82553b0c35622166ee96e8362da509fbd2a7bd9dd263a4ee08fc3851339729145d29fa52572bf017f03126f589a464ff55fab5c4636040a7d277218

  • SSDEEP

    24576:pCt+vn2i0hHvjhE5/yionOjzvGHbEqKajh+r5m1pB4XxeGtf1YF7+vl/xcP/c12j:pi

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://ronaldlitt.top/25d4fc7fb0cb6b78.php

Signatures

  • Detects Stealc stealer 1 IoCs
  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1484-97-0x0000000000400000-0x000000000068D000-memory.dmp
    .exe windows x86

