General

  • Target

    1004-3-0x0000000000400000-0x0000000000711000-memory.dmp

  • Size

    3.1MB

  • MD5

    ee3f98668d348976ff763b06b980a697

  • SHA1

    e5e537df736d8810ba652ce33404d1229ae226f4

  • SHA256

    b617312db5abc250cf78c4e965a768e1f3a4dbcfbefb2828cad60cb206c357ef

  • SHA512

    d54efa70c6e511ec553f607a41f6e87bbd3d8c87edc881544f5978bea83f40085f311a88d1b85e36aa465a961539195928df39aaaf2c5c90f4461e0db6333c25

  • SSDEEP

    3072:YixkPwbpTK8Q5Uzf4JElJvIT49NqOp5cCXjo1Rqb:fxmwbJKAzAElJA89NqOp5cCs3

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://bryanzachary.top

Attributes
  • url_path

    /e9c345fc99a4e67e.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1004-3-0x0000000000400000-0x0000000000711000-memory.dmp
    .exe windows x86

