General
-
Target
1668-2-0x0000000000400000-0x00000000022F2000-memory.dmp
-
Size
30.9MB
-
MD5
f6a8b64b1ed7eee92f216f2f14903020
-
SHA1
990b72f386e39e4687a7cf8f8314c784a3c1b5e2
-
SHA256
d4d2a883afd8a7a0e8ca5dcaa3216ddbdebf56866e8d0881ae07e6fe28948d48
-
SHA512
c4f875f49c8449e3c0f0b6fe1b5433c9cbda570154c1685c41192c22b25bb540a7c3d62c49a2e87b9e1b4ffb737c73455372a817908a8dd57ae41d2bfb3a42d7
-
SSDEEP
3072:3ixkPwbpTK8Q5Uzf4JElJvIT4Cu1RqUYY8O8J:SxmwbJKAzAElJA8fAYd
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://charlesjones.top
Attributes
-
url_path
/e9c345fc99a4e67e.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1668-2-0x0000000000400000-0x00000000022F2000-memory.dmp
Headers
Sections