Behavioral task
behavioral1
Sample
2624-27-0x0000000003CC0000-0x0000000003EED000-memory.exe
Resource
win7-20231020-en
General
-
Target
2624-27-0x0000000003CC0000-0x0000000003EED000-memory.dmp
-
Size
2.2MB
-
MD5
030c3baa567d901843230a3403ad677a
-
SHA1
765db6d43c8edbf582c7d388c5d1f4f23df0fe81
-
SHA256
858f0f8e0319102386553f0177c3dfd8e3c6b156f3765f21ff2ed2eef101e6df
-
SHA512
f53b347ac2759f4ede2c06eae6b7ad5a2b4aab3795940cdd225e11af84d5c31a579f38215ec5611d4720ad3982834df549ca6863478164c4ff37f132964923e1
-
SSDEEP
1536:TV/6EgcasplKQJa1HmAlfR9Rwk/Tr2GreyjS0Pz+Tcgr6SzI41jfwsLkWTvTNu:p/LgwFJ0mi2kWGreC41jBFvZu
Malware Config
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2624-27-0x0000000003CC0000-0x0000000003EED000-memory.dmp
Files
-
2624-27-0x0000000003CC0000-0x0000000003EED000-memory.dmp.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 73KB - Virtual size: 73KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ