General

  • Target

    1496-2-0x0000000000400000-0x0000000000711000-memory.dmp

  • Size

    3.1MB

  • MD5

    a00462805940f837a079344b7ad3d4ed

  • SHA1

    6de86d4e2e6bc8c69e11f0998bf0a11f59acb8f3

  • SHA256

    7a4962cd575d04f076ab9b881b4b6123d10353f5aa8146c8d4420ea4669c538c

  • SHA512

    310ff187f15ff3fca0998371938699eb2f5a37e713c19a349f77cedd9ec2c3448ec1949a721ad9be50f92b7d3f2cfebf742b917860e30fbdca6b7b8edb6867a2

  • SSDEEP

    3072:KwZx7tPwbpTK8Q5Uzf4JElJvIT46Ze7RqGNOf:bZ1xwbJKAzAElJA8xtMf

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://171.22.28.221

Attributes
  • url_path

    /5c06c05b7b34e8e6.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1496-2-0x0000000000400000-0x0000000000711000-memory.dmp
    .exe windows:5 windows x86

