General

  • Target

    2608-11-0x0000000000400000-0x000000000062E000-memory.dmp

  • Size

    2.2MB

  • MD5

    04634765e879488592168cf28c3f9b3b

  • SHA1

    fb4c97f5174855206ebc150d4cc42834ca706562

  • SHA256

    a25d4cb08ef177f546e0acf8498c32874d8a03cd5e0793f28cf19f479eec9723

  • SHA512

    45ceaee628eb0780060eeb8318ccb0e5ce2039d24ada0ad3591c19dbaa8f34744d86b3b9981021ee4d27c8f3f855c5b3277364d0e9fae208f4ceeb2ce01b3907

  • SSDEEP

    1536:rHg47qWPlw/yzQO6PQB6oy5wIay/AOSxGPN0n6p/r2j8YDqavs46msTvmiOWRDZ+:Dg471w/yH6ooxFp/5Pr45eROQhuj

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://45.87.153.135

Attributes
  • url_path

    /5d4f090c730016b1.php

rc4.plain

Signatures

  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2608-11-0x0000000000400000-0x000000000062E000-memory.dmp
    .exe windows:5 windows x86 arch:x86

