General

  • Target

    2960-3-0x0000000000400000-0x0000000000711000-memory.dmp

  • Size

    3.1MB

  • MD5

    6b393246169f0f3140c9d763ea756861

  • SHA1

    7299e47cdec7bae42e4d06a4b709762de4af8284

  • SHA256

    cec91d4df615f0b2e32803ac0a0c47d5448d0566b25fa538c0c096c6271bdcf4

  • SHA512

    fe4d37ce12290d310f8f7322aaabba86426f770bbc5f19d48f4e96798f4ea3ef877f6bcf3913cb84611b30ebf234b503a0265c82220534cb20cae5f889f2ad35

  • SSDEEP

    3072:YixkPwbpTK8Q5Uzf4JElJvIT4PNqOp5cCXjobRq1:fxmwbJKAzAElJA8PNqOp5cCsN

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://bryanzachary.top

Attributes
  • url_path

    /e9c345fc99a4e67e.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2960-3-0x0000000000400000-0x0000000000711000-memory.dmp
    .exe windows:5 windows x86

