General

  • Target

    3056-3-0x0000000000400000-0x0000000002290000-memory.dmp

  • Size

    30.6MB

  • MD5

    f3c2c109a0d512948cb799a2dbd37105

  • SHA1

    c0d08a30a72a5636e28cf97183175d7fad282d66

  • SHA256

    c279ddeefed3621ebef63ee6663b945041fc3a5b81698397abca88dd477d2f96

  • SHA512

    9b57895680fad9ee8e513dcb33edec677684093e21261d16e4e63fb45c7c3b5f975340a2578a09cdbd5b6430873801a83160ff654e0d8ad1921538401e628058

  • SSDEEP

    3072:3ixkPwbpTK8Q5Uzf4JElJvIT4xuARqeFoqJ3:SxmwbJKAzAElJA8v

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://charlesjones.top

Attributes
  • url_path

    /e9c345fc99a4e67e.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3056-3-0x0000000000400000-0x0000000002290000-memory.dmp
    .exe windows x86

