General
-
Target
4600-2-0x0000000000400000-0x0000000002AB8000-memory.dmp
-
Size
38.7MB
-
MD5
6f69db3bb0b930455dee45eaa0f43eb5
-
SHA1
d985c7167270801d85968965d1708d0f42b3faf0
-
SHA256
03958ad8d6766d7251f0413defc8b01b151aff4ddb3f79eef58c0ecd19fdb543
-
SHA512
3511313db4dcda6f6f3e6d855d6e643a5950acb9ca936c11d45cbfb6e4ae7da8a22bbfe7bb32564d99e0e28a19ef6a63d7818f51e90f7cf94e7a7dde56235ea5
-
SSDEEP
3072:qb/fpFJ0mi2kWGreC41jBFNFaVfkUyBk3eFx/RCgB:o/f7Pi2kW0eZjPNFGklr
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://finnmanninger.icu
Attributes
-
url_path
/40d570f44e84a454.php
rc4.plain
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4600-2-0x0000000000400000-0x0000000002AB8000-memory.dmp
Headers
Sections