General

  • Target

    3980-1230-0x0000000000400000-0x000000000062D000-memory.dmp

  • Size

    2.2MB

  • MD5

    f85c22d810248ca53131ce8b018c74a7

  • SHA1

    d5c99788b445762db3c7c0414ac977cc738ae8f2

  • SHA256

    a644db350a657402fc1cd059872443eeee8e17dd4addf070435d5b37dcdb9899

  • SHA512

    db6c42bf7d393d0f30d45ca7f96a63ec5586f67dd37700c850787e1bd402e9bea66495def2b56943e3c9d82c3462c71c264498448c517116416fd25a0f74ea35

  • SSDEEP

    1536:Z+LnkDXWg1IIfbMny0eDEgU5ZOw9mbNFG7x6pt9Dvdp8R+jHb546+qUlE4SJrIWF:cLq1xMy0117esKhpV46+8raWf

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://5.78.40.0/60ed11b9deeca694.php

Signatures

  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3980-1230-0x0000000000400000-0x000000000062D000-memory.dmp
    .exe windows x86

