General

  • Target

    6560-3362-0x0000000000800000-0x0000000000A2D000-memory.dmp

  • Size

    2.2MB

  • MD5

    cdd06cd09ebf49e72e4982406c846bc4

  • SHA1

    d0e6e94d8f3d30584f550cd21a9a1c291f152da5

  • SHA256

    1836ea3621fcd1d4655387fb1b5dabb3c4a42d90d8b4365642bcbfeb061108e8

  • SHA512

    2d63f80135dcb1c26769d80ebfc7026d52319a479a6e12675ba44488f7aa563b3f70f337a26d985a8a8593f1ba99cc91b86a4434a83d6bd0167495865f57bd40

  • SSDEEP

    1536:KlWHblmDl6GOCIa1H75R9Rwk/Tr2GoIeuS0Pz+Tcgr6SzI4lwsLF8JWTBT5az2:0WHblmZ6X092kWGreC4LJvBFaz

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://77.91.68.247

Attributes
  • url_path

    /c36258786fdc16da.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6560-3362-0x0000000000800000-0x0000000000A2D000-memory.dmp
    .exe windows:5 windows x86

