General
-
Target
2196-2-0x0000000000400000-0x000000000062D000-memory.dmp
-
Size
2.2MB
-
MD5
a40cd2cb267f41129866367a03474be8
-
SHA1
66850e884fb1944ae92b071afc8d78347363f076
-
SHA256
ec1145050f5ed27ecca8c59d35f22b894a44d6215ec2b7ba0bb7b95f4745de0c
-
SHA512
5f05af5464f19b26cfebb0d0fb8d01f19a5b607da7cb69fd05055582324489b3182f7a25803c2c0ae2fc2beaf52b3bf7d5b4ae7667c6b74d9eda60f8ea1f464d
-
SSDEEP
1536:3I5Dlf0xro4tjPwkqp2kzi/15ERKwAHLFGzKjhqgUZdb4JElJL4gvjMTf9L6HuuZ:3ixkPwbpTK8Q5Uzf4JElJvIT4HuJRq
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://charlesjones.top
Attributes
-
url_path
/e9c345fc99a4e67e.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2196-2-0x0000000000400000-0x000000000062D000-memory.dmp
Headers
Sections