General
-
Target
3184-2-0x0000000000400000-0x000000000062D000-memory.dmp
-
Size
2.2MB
-
MD5
f1bb4bc3f1c1a77ab309527b7c58a20f
-
SHA1
b8daf8466d8bbd9ca59d6f1fe7d0df040b51adb0
-
SHA256
175a43b693e479660023bc830d5966711ac0fbc411da52bd5acbb388774090ec
-
SHA512
9a70ebaa65e4fd59e6343bf6b95a3fc2064b86e66870666e2a7df70ff03c1fd169f7f4b0ed58533df730b05091f1c7d6b655dc8a3b62fc414cfc6907c0f93306
-
SSDEEP
1536:6ysz/6uyy8/WY/yKQJa1HmAlfR9Rwk/Tr2GreyjS0Pz+Tcgr6SzI41jfwsLkWTAq:ez/Zy16FJ0mi2kWGreC41jBFAZu
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://danielhamerling.icu
Attributes
-
url_path
/40d570f44e84a454.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3184-2-0x0000000000400000-0x000000000062D000-memory.dmp
Headers
Sections