General
-
Target
4812-38-0x0000000000400000-0x000000000062D000-memory.dmp
-
Size
2.2MB
-
MD5
599b5e0b5e65dbeba03388d8b824f16f
-
SHA1
0c8433b67a80a15dced2e554716da37ba967dcb1
-
SHA256
96f8baa785d73dc89e4aba76c199b10855f09d769a68d39e35d5eb5fcff09d19
-
SHA512
0c463c1028660529df941623b1bd79d65c3efb88498e88bc44f1ba787cdd5029f1e4f5e29108438312fabeb967d7bbd0743d32f8ee7a8b88727fb38b4ae46201
-
SSDEEP
3072:GQ/UPwbpTK8Q5Uzf4JElJvIT4KjHiQLERq:3/WwbJKAzAElJA8KjHiQLK
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://85.209.11.51
Attributes
-
url_path
/fefb4a458e1dc58b.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4812-38-0x0000000000400000-0x000000000062D000-memory.dmp
Headers
Sections