General

  • Target

    2828-14-0x0000000000400000-0x000000000043D000-memory.dmp

  • Size

    244KB

  • MD5

    988c4fa0ff1d2d1a8bd0bf0db28f8c47

  • SHA1

    5da26c7e62264ffd2d2c9b4fe92f3533d3fe41a1

  • SHA256

    40906ae05bd839e86785e6dfa886fb2ba46cb87c23e5bbd7bd4ad8fa1677aeb2

  • SHA512

    ca6dab6987ca53174490d8151fa9be992430497cf1a42524232cda04568e4244ac0f966c4cf2db151de0f0d23956a5f7c239b94d06cc6b0011de6d5404b353de

  • SSDEEP

    3072:Um/E8k9ZjpIn+zNch12KbAwSaSXJSp89b8EG:N/E8k91rz6/tE8EG

Score
10/10

Malware Config

Extracted

Family

marsstealer

Botnet

Default

Signatures

  • Marsstealer family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2828-14-0x0000000000400000-0x000000000043D000-memory.dmp
    .exe windows:5 windows x86

