General

  • Target

    4220-2-0x0000000000400000-0x0000000000719000-memory.dmp

  • Size

    3.1MB

  • MD5

    a3527dc0b22f9b3e9c1ecfd408db7fdf

  • SHA1

    9eb7cf9f2d213cff30cf767ee65fe1505f9ed609

  • SHA256

    869b6c021cb198b26e31d268fcfc346c21260a2cfd9bab84c5616cb398101772

  • SHA512

    b8d6680f8915d723f25d4776bee12167dcf9f9d452eafa0d6e232ff15831fddcd68015003db4ab51d77bfea0fbbb3c7738c94013298a83aebe1dead6013fb9ea

  • SSDEEP

    3072:IwZx7tPwbpTK8Q5Uzf4JElJvIT4JAUexHGsP7y/RqAg8Xje:1Z1xwbJKAzAElJA8hbg8T

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://91.103.252.146

Attributes
  • url_path

    /1d9e38415ea54afa.php

  • rc4.plain

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
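The "Unsigned PE" signature above is a static header check. The Python below is an added example, not the sandbox's own detection code and not code from this report: it walks the DOS and PE headers to the IMAGE_DIRECTORY_ENTRY_SECURITY slot of the optional header, which is where Authenticode stores the file offset and size of the WIN_CERTIFICATE blob, and reports whether that entry is populated and whether the referenced bytes are actually present. The PE header it builds for input is constructed for the demonstration. One caveat matters for this target: the file analysed is a process memory dump, and the certificate blob lives in the file overlay past the last section, which is never mapped into the process image. A dump of a signed binary would therefore still show a populated Security entry in its mapped headers but no blob behind it, which is why the example reports both flags separately.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory slot used by Authenticode


def authenticode_status(data: bytes) -> dict:
    """Inspect a PE image for an Authenticode signature reference.

    Returns a dict:
      has_entry    - Security data directory has non-zero offset and size
      cert_offset  - file offset of the WIN_CERTIFICATE blob (a raw file
                     offset, not an RVA; 0 when absent)
      cert_size    - size of the blob (0 when absent)
      blob_present - the referenced bytes actually lie within `data`
    An "Unsigned PE" verdict corresponds to has_entry being False.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")

    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER (20 bytes)
    opt = coff + 20                          # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                       # PE32
        nrva_off, dd_base = opt + 92, opt + 96
    elif magic == 0x20B:                     # PE32+
        nrva_off, dd_base = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")

    status = {"has_entry": False, "cert_offset": 0, "cert_size": 0, "blob_present": False}
    number_of_rva_and_sizes = struct.unpack_from("<I", data, nrva_off)[0]
    if number_of_rva_and_sizes <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return status                        # directory too short to hold a Security entry

    cert_offset, cert_size = struct.unpack_from(
        "<II", data, dd_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    if cert_offset == 0 or cert_size == 0:
        return status
    status.update(has_entry=True, cert_offset=cert_offset, cert_size=cert_size,
                  blob_present=cert_offset + cert_size <= len(data))
    return status


def build_minimal_pe32(cert_size: int = 0) -> bytes:
    """Constructed test sample: a minimal PE32 header with no sections (not runnable, not malware).

    With cert_size > 0 a dummy WIN_CERTIFICATE blob is appended as an overlay and the
    Security directory is pointed at it, mimicking a signed file.
    """
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                          # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, 0x0102)  # i386, SizeOfOptionalHeader=0xE0
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                            # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                              # NumberOfRvaAndSizes
    headers_len = 0x40 + 4 + 20 + 0xE0
    blob = b""
    if cert_size:
        # WIN_CERTIFICATE header: dwLength, wRevision=0x0200, wCertificateType=0x0002 (PKCS#7)
        blob = struct.pack("<IHH", cert_size, 0x0200, 0x0002) + b"\0" * (cert_size - 8)
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, headers_len, cert_size)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + blob


def simulate_memory_dump(image: bytes) -> bytes:
    """Keep only the mapped headers; the overlay holding the certificate is never mapped."""
    e_lfanew = struct.unpack_from("<I", image, 0x3C)[0]
    opt_size = struct.unpack_from("<H", image, e_lfanew + 4 + 16)[0]  # SizeOfOptionalHeader
    return image[:e_lfanew + 4 + 20 + opt_size]


if __name__ == "__main__":
    print("unsigned file :", authenticode_status(build_minimal_pe32()))
    signed = build_minimal_pe32(cert_size=64)
    print("signed file   :", authenticode_status(signed))
    print("dump of signed:", authenticode_status(simulate_memory_dump(signed)))
```

Run against a real on-disk sample, `has_entry` and `blob_present` agree; run against a dump such as the one in this report, the two can disagree, and only the overlay blob can actually be verified, so treat an "unsigned" verdict on a memory dump as a statement about the dump, not necessarily about the original binary.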

Files

  • 4220-2-0x0000000000400000-0x0000000000719000-memory.dmp
    .exe windows:5 windows x86