General
-
Target
3052-2-0x0000000000400000-0x0000000000711000-memory.dmp
-
Size
3.1MB
-
MD5
d6b4455332b3d55bd85fae8b6cd88893
-
SHA1
eff50603214e583f93a93b236daf6a65d5271cd5
-
SHA256
eee01b759b4606384e8860f7abc41aae24cee3ea23f9a8c3801830e7d2c71dee
-
SHA512
561e6dc9f028702af427f2f92149f52376af1e6b73e06890cab67d6e1654d8d7e77c35955caeec1d865cc928f41ba5b67721bfc9f6062052e5d455e65d2e62ba
-
SSDEEP
3072:3ixkPwbpTK8Q5Uzf4JElJvIT4Mu5RRqhNW+f:SxmwbJKAzAElJA8LbOf
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://charlesjones.top
Attributes
-
url_path
/e9c345fc99a4e67e.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3052-2-0x0000000000400000-0x0000000000711000-memory.dmp
Headers
Sections