General

  • Target

    2800-9-0x0000000000400000-0x000000000062D000-memory.dmp

  • Size

    2.2MB

  • MD5

    0ca3ba798082e6bd6298743cb9ce3d6d

  • SHA1

    47d6c128574f10125a159af06b16c3456dc82145

  • SHA256

    321153261bad41d58e1a1035cab18b8d632bf86e5c61be45c0501e35077e67ea

  • SHA512

    24747418d26638c1cce13ffe6be5007841c8bb3d7ba8d44bc73f2e535f6f41d95914df65321e2ee6602b435ccb92caa7ce2eed98c7293ac5044888a261d3cf59

  • SSDEEP

    3072:RK0ufpwQ5jXl9t6Swu6bCYf5z46CyOVfFFfqP1:w0uiQ9jtpf4DHO/c1

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://193.42.32.99

Attributes
  • url_path

    /14baef17b6d04c23.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2800-9-0x0000000000400000-0x000000000062D000-memory.dmp
    .exe windows:5 windows x86


    Headers

    Sections