General

  • Target

    1560-2-0x0000000000400000-0x000000000070C000-memory.dmp

  • Size

    3.0MB

  • MD5

    e44baf220153e9baefd90a67c9145c2f

  • SHA1

    8c221ca76100c4fefcca19574d7f2bb97101ff27

  • SHA256

    b33455b473823246f323129f0c61ce23b2ce8bf6c4240bbc0efb206289aeecf5

  • SHA512

    8f604d61d74133b436a71ae95c8a89476e1ec81a4324d6065cb40950d3d687c8c7dea0cdf079ff2e3cfef98075dca8486e1bf3d8532d4231e8e3aa17f7961a9e

  • SSDEEP

    3072:YixkPwbpTK8Q5Uzf4JElJvIT4HNqOp5cCXjo9RqL:fxmwbJKAzAElJA8HNqOp5cCsv

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://bryanzachary.top

Attributes
  • url_path

    /e9c345fc99a4e67e.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1560-2-0x0000000000400000-0x000000000070C000-memory.dmp
    .exe windows x86

