General

  • Target

    2748-222-0x0000000000400000-0x000000000062E000-memory.dmp

  • Size

    924KB

  • MD5

    3863ab59d8e93c263444f6efd8340de5

  • SHA1

    2e9482c17389e48fbca578e13d28552d13cfb711

  • SHA256

    96321b9f377933bf69258cacc3a7b74c39699ab8345e879c8968cc65dcafab8f

  • SHA512

    a64f3be250e0c270ebc9169f788e81a9fe3a698e98ba1643719442fae0eea250034a246fb3d80e3f7b2132e53fd184abf83197252df04277f6340ffd4bc3273f

  • SSDEEP

    1536:SHg47qWPlw/yzQO6PQB6oy5wIay/AOSxGPN0n6p/r2j8YDqavs46msTvmiOWRDZi:sg471w/yH6ooxFp/5Pr45eROQh

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.79

Attributes
  • url_path

    /3886d2276f6914c4.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2748-222-0x0000000000400000-0x000000000062E000-memory.dmp
    .exe windows:5 windows x86 arch:x86

