General

  • Target

    2768-25-0x0000000000400000-0x000000000062E000-memory.dmp

  • Size

    2.2MB

  • MD5

    f1eff478549fea2c2288d12aa62e1bf9

  • SHA1

    b19ca8f4240fc9333b4514723df1040097c7355a

  • SHA256

    0d1a2b820feb2f99b749c0050d6fbf2c3617e2e696cddf9aac10dc430e4e8e92

  • SHA512

    5e0003eff540ce9dbe697de484a68564133720924bdb09c1098e316c94fc99fdc985c3c863e8560c2bc932bd99a9ae776eedf177fea89133c1c0a6c3316004be

  • SSDEEP

    1536:MPxuHrsMhitNwCjxt5vXxDa3T9ZRTtTzRt4jJ83EJzLWDh4YK6iM4rSdsxJ+PDGO:exuHLcpj5hD6T9ZLTzMG4r6oGj

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://138.201.196.248

Attributes
  • url_path

    /10bfb33db816f4b6.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2768-25-0x0000000000400000-0x000000000062E000-memory.dmp
    .exe windows:5 windows x86 arch:x86