Overview

overview

10

Static

static

10

4260-20-0x...ry.exe

windows7-x64

10

4260-20-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    4260-20-0x0000000000400000-0x000000000062D000-memory.dmp

  • Size

    2.2MB

  • MD5

    5fd37f46a6a19e5cf122c96d21152522

  • SHA1

    211c11b230b669d2992d4fffbbb28ec93a26ede3

  • SHA256

    7e6eb7014813bdb876a7b9f4cb56f6f6c5b4dd22e77e2d082b0ac538db4c9ae2

  • SHA512

    c406d63d9759f9eb819e997a0675241ee826f94c20e4bf604693137c73e1df37284dccebb6bfe0603c55faec58c7e44127b971060fca25aa9e9a774d54fe9e45

  • SSDEEP

    3072:w+QZx7YwQ5jXl9t6Swu6bCYf5z46CyOVfF5yH0NI:PQZ1/Q9jtpf4DHO/5yHG

Score
10/10
stealc

Malware Config

Extracted

Family

stealc

C2

http://aidandylan.top

Attributes
  • url_path

    /3886d2276f6914c4.php

rc4.plain

Signatures

  • Stealc family
    stealc
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4260-20-0x0000000000400000-0x000000000062D000-memory.dmp
    .exe windows:5 windows x86


    Headers

    Sections