General
-
Target
1964-2-0x0000000000400000-0x000000000062D000-memory.dmp
-
Size
2.2MB
-
MD5
8a09484ded93fe3e5cf8dc18b67a3c02
-
SHA1
375d810b71dafe669c4c381f5f6ae80504843640
-
SHA256
53b45072f05f5ef16aa4e2dfc42095528b921bdfbf147a02fc00a480e3f7d7e6
-
SHA512
38846313da12c89848f6853810216b954882260fc655737962a8ba913891d08352c08e9810674516689d3afa3a13dc26ef7d7d3c65e4f7368e079c577fef01e1
-
SSDEEP
1536:3I5Dlf0xro4tjPwkqp2kzi/15ERKwAHLFGzKjhqgUZdb4JElJL4gvjMTf9L6zu4Z:3ixkPwbpTK8Q5Uzf4JElJvIT4zubRq
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://charlesjones.top
Attributes
-
url_path
/e9c345fc99a4e67e.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1964-2-0x0000000000400000-0x000000000062D000-memory.dmp
Headers
Sections