General
-
Target
2644-2-0x0000000000400000-0x00000000007C8000-memory.dmp
-
Size
3.8MB
-
MD5
6d51de2222aecc3f3b233e7e40dc602d
-
SHA1
1fa08e28b55c215f76ee8b3f8687c43b998d59a3
-
SHA256
feaa1f873a7281cf35e46f423f5c4104ccbf320a0ab66f3b843ebb86f891cd01
-
SHA512
a565d872e9b0d8aae678695dd299601b5e364cdd8fc173df52fd68f71d284573fa2eca7e609de8a1781ad502e31c86768a84c9f3c4161b05679e133c7a101cac
-
SSDEEP
3072:Mb/fpFJ0mi2kWGreC41jBFtFaLqU2y/Ocat:C/f7Pi2kW0eZjPtFGzG
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://williammoore.top
Attributes
-
url_path
/40d570f44e84a454.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2644-2-0x0000000000400000-0x00000000007C8000-memory.dmp
Headers
Sections