General

  • Target

    568-84-0x0000000000400000-0x0000000000629000-memory.dmp

  • Size

    2.2MB

  • MD5

    e2f64bfb8bf8b48f17876d483648e3ca

  • SHA1

    984d87f4f999b5a8f477e3ae421088a506d7a845

  • SHA256

    f7ca7918788ba151a9240cb26262fced28706c926ac8050c1df773433bb7b80d

  • SHA512

    60c78b5787a9be5e0baa366a0b6dcdde175890fb632c1f28f15ad5c53dbd0090a9432b8d0580c459a67a2664ea678588654596461b44f0b38bee0b57b09dc89d

  • SSDEEP

    12288:086BuD3/yZ/vfU56TfXDL97zjad7OM4bZ:0

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://172.86.70.117/94ed4bf54583a4fa.php

Signatures

  • Detects Stealc stealer (1 IoC)
  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 568-84-0x0000000000400000-0x0000000000629000-memory.dmp
    .exe windows x86