General

  • Target

    2216-1-0x0000000000400000-0x000000000043E000-memory.dmp

  • Size

    248KB

  • MD5

    3ffe4eb2a5d09a77a42a966f14814ca9

  • SHA1

    4a1101eaabb45c34bb6127b02332c4b0e1d5da36

  • SHA256

    45e35fea2371fd28260621f6d004abe5b02181a68f94ccbd5333890e980a83da

  • SHA512

    d4d2f883cbd02f37f008e469fefa76d82ac51cfb52a06ebbd127d3dc554a4c4744f9839971d8ae28b69dd4002feef28159e7757b0e442e5a04b3f9adade5f88b

  • SSDEEP

    3072:3P/E8k9ZjpIL+zNch12KbAwSaScJSp8Ghb8EG://E8k91zz6/tAN8EG

Score
10/10

Malware Config

Extracted

Family

marsstealer

Botnet

Default

C2

www.criminalaffair.com/07516e72fc86fad83aead3ae7.php

Signatures

  • Marsstealer family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2216-1-0x0000000000400000-0x000000000043E000-memory.dmp
    .exe windows:5 windows x86

