General

  • Target

    4436-2-0x0000000000400000-0x000000000070F000-memory.dmp

  • Size

    3.1MB

  • MD5

    166865d4a11746fbeeed7463333c7eec

  • SHA1

    21b62941028f8fbf8b644ec8b77b2408632b9ffa

  • SHA256

    e159f508a2972d1ad2178ceaaea391411c695ceab478dc9302fa4bf8862d17d7

  • SHA512

    54b7ba15a873fa41df294019dab80212a9e2e7dd00813b1ff3f07ae3cc3e3f23a39af84c497414fe20fe70633784a4a5ffb3f0c951b84424d4ee582a6bbdf41d

  • SSDEEP

    3072:YixkPwbpTK8Q5Uzf4JElJvIT4+NqOp5cCXjo6Rqz:fxmwbJKAzAElJA8+NqOp5cCsI

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://bryanzachary.top

Attributes
  • url_path

    /e9c345fc99a4e67e.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4436-2-0x0000000000400000-0x000000000070F000-memory.dmp
    .exe windows x86

