General
-
Target
1808-2-0x0000000000400000-0x000000000062D000-memory.dmp
-
Size
2.2MB
-
MD5
4c2f80233d2791e30f76a25bfbd23840
-
SHA1
88c4bc97f9030959b7dba6242203e11d4fe380f8
-
SHA256
85fec75bc486d0220fc8f7cb012bac3bccf9327bd1a5e81813ae25056373c402
-
SHA512
25ce548a8121d4b7904cb44b9a45c7dc0ddf2098a67f3051e855b1fae95a9401546fd21b9ac59360efdd4a77f26256c6f281aae14159e37135f67f28971164ab
-
SSDEEP
3072:RyMxBwQ5jXl9t6Swu6bCYf5z46CyOVfFSxghBPI:oMxSQ9jtpf4DHO/Sxgh5
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://jesseaustin.top
Attributes
-
url_path
/e9c345fc99a4e67e.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1808-2-0x0000000000400000-0x000000000062D000-memory.dmp
Headers
Sections