General

  • Target

    3988-3-0x0000000000400000-0x000000000062E000-memory.dmp

  • Size

    2.2MB

  • MD5

    8f11c3d5148cbdf8e2070a11df4db11d

  • SHA1

    d62dc81be5ecb113676adf5c3fdbb01d4ff43041

  • SHA256

    0fe75248a3460176f3d5e4a9b614d47a6819dc86582fa50e757d74591f6cd47d

  • SHA512

    7827893572f7c0b6d728f5f056c81d9dcc7c781a6b30752e2cd08c8d6013b427b8f14dcddc4eadba74e60781c0bc6ade8714d1b038329281f1c7f1c7dd9b6b4e

  • SSDEEP

    1536:bvgeMVDDKpQw/yzQO6PQB6oy5wIay/AOSxGPN0n6p/r2j8YDqavs46msTvmiOWRO:rgeMFVw/yH6ooxFp/5Pr45eROQh0r

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://5.42.66.58

Attributes
  • url_path

    /3886d2276f6914c4.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3988-3-0x0000000000400000-0x000000000062E000-memory.dmp
    .exe windows:5 windows x86 arch:x86

