General
-
Target
5004-2-0x0000000000400000-0x000000000062D000-memory.dmp
-
Size
2.2MB
-
MD5
04840e7ef94c880a1d1dd8df607b8419
-
SHA1
8800289bd4872caa713d7f3c079f1c901add19bd
-
SHA256
8ba87ae913c1c814acf3b4e517cda860095822b0e9175928822b9929c9815267
-
SHA512
a199cf5242795036c231176c95ddc5e4938c0d6ac10fb17026f53bda92a364b30764c85beb310f207a04fc00167c50c956982b6fcc0d66e9fa4dc808ebf90008
-
SSDEEP
1536:3I5Dlf0xro4tjPwkqp2kzi/15ERKwAHLFGzKjhqgUZdb4JElJL4gvjMTf9L6buhZ:3ixkPwbpTK8Q5Uzf4JElJvIT4buIRq
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://charlesjones.top
Attributes
-
url_path
/e9c345fc99a4e67e.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
5004-2-0x0000000000400000-0x000000000062D000-memory.dmp
Headers
Sections