General

  • Target

    2484-2-0x0000000000400000-0x000000000259F000-memory.dmp

  • Size

    33.6MB

  • MD5

    c1c9850b432e1d5049bf54aa495f799a

  • SHA1

    a292827b8f25c9e23158083d6f4a3f1ed449a711

  • SHA256

    3f70ba55f21df05138fee49113622ad59bfa7f7bf806f22ed50879d5406503c3

  • SHA512

    f5a5ec429e93a7feae4d229fdb126891bfb5a71235cc8e11f0ab67575b06631bb1058635339e526ab73e2dfeca5ca2681e16d6f6d1ee82abb1f4742dad4b8917

  • SSDEEP

    3072:lyMxBwQ5jXl9t6Swu6bCYf5z46CyOVfFQTcZgIibOl:sMxSQ9jtpf4DHO/8egdK

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://bryanzachary.top

Attributes
  • url_path

    /e9c345fc99a4e67e.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2484-2-0x0000000000400000-0x000000000259F000-memory.dmp
    .exe windows:5 windows x86

