General
-
Target
2452-2-0x0000000000400000-0x000000000062D000-memory.dmp
-
Size
2.2MB
-
MD5
943045ea70f2e736da8cb8d647f076b2
-
SHA1
2f8538dbe72059f36430216c0556012b5368dcfd
-
SHA256
ea1bbd56612c9f832f5685eab4d20e4603eef21eb3574a41047d86d0c0770b00
-
SHA512
2dc1d24ce0dd970dd87e5849bcde68566f469647081c5ddbb5c5d534fca44693d6ba042b0504e3c1db956de7d4f0bdd03263ed530a7617859db122c4553386b9
-
SSDEEP
1536:3I5Dlf0xro4tjPwkqp2kzi/15ERKwAHLFGzKjhqgUZdb4JElJL4gvjMTf9L6WuoZ:3ixkPwbpTK8Q5Uzf4JElJvIT4WuLRq
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://charlesjones.top
Attributes
-
url_path
/e9c345fc99a4e67e.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2452-2-0x0000000000400000-0x000000000062D000-memory.dmp
Headers
Sections