General

  • Target

    NEAS.c05eddb81e5f02767685b4b4e3833190.exe

  • Size

    191KB

  • MD5

    c05eddb81e5f02767685b4b4e3833190

  • SHA1

    97267862931af535afacd041459619dad8091a4a

  • SHA256

    8b6f1e7e986a8d4ce9df4b01868bb7c81ab2feddaccb95e0408b855e28ce1e95

  • SHA512

    a60c85e539889908e8b8f201e11bdf13015828f1b646a6cfadb34023ea8d8820947d00a88522ead00e49cc66748e58627aeb2c8990f62a1e45f16e6a05b29264

  • SSDEEP

    3072:OyM1BwQ5jXl9t6Swu6bCYf5z46CyOVfFlz3ZChICQJs7+WZGuSXW6GVV6tXLIZEL:dM1SQ9jtpf4DHO/lzYhpQJw3ZLVUas

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://193.233.232.98

Attributes
  • url_path

    /1f1ba0e25ee80277.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • NEAS.c05eddb81e5f02767685b4b4e3833190.exe
    .exe windows:5 windows x86

    372dad7e771f409df9ab1b912548c291

