General
-
Target
3024-2-0x0000000000400000-0x000000000062D000-memory.dmp
-
Size
2.2MB
-
MD5
fb742b8a5f95f5c6ac149aec97ecc72e
-
SHA1
dc50c8003f8f60fdd1f1d75e2b44eab6cd054714
-
SHA256
05130b4f3a895e6375f24021aa3608a4faf4a4223c0141f48bfc1704be54a1f6
-
SHA512
a8e0ab011f8b52830b793ce1b0c55e18c1cfe26820d404fb4b7d259ea96f179b82a62c2c42fd62f5a1be002e670326ebb39f56095a6f697208638fcedeb9fbf4
-
SSDEEP
3072:KwZx7tPwbpTK8Q5Uzf4JElJvIT4bZeqRq:bZ1xwbJKAzAElJA8k4
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://171.22.28.221
Attributes
-
url_path
/5c06c05b7b34e8e6.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3024-2-0x0000000000400000-0x000000000062D000-memory.dmp
Headers
Sections