General
-
Target
2716-18-0x0000000000400000-0x0000000000711000-memory.dmp
-
Size
3.1MB
-
MD5
59003c4edde3b8cdac25e26a6abc793f
-
SHA1
9f3ca58752ccea2e636c3af16844e47d4eedd881
-
SHA256
9e044703c72abff37e1741979c3cf317f3d58f3cea6b8721c37c403b48a25882
-
SHA512
6f4f87ff845a6f2c2c9b6102b32be7a1244e2c126a3796f1844490ada4e714f45d9fabf0aa46a8c8b73f70c1a6f1d965623aecb0c30eee24ee337316b44b40b6
-
SSDEEP
3072:KwZx7tPwbpTK8Q5Uzf4JElJvIT4cZegsdRqNNJ4:bZ1xwbJKAzAElJA8/J84
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://171.22.28.221
Attributes
-
url_path
/5c06c05b7b34e8e6.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2716-18-0x0000000000400000-0x0000000000711000-memory.dmp
Headers
Sections