General

  • Target

    3048-0-0x0000000000400000-0x000000000043D000-memory.dmp

  • Size

    244KB

  • MD5

    5607e6ab56e7fae2264be317d266c09e

  • SHA1

    a09ea054b70333c0c263a3b97da45a378b709652

  • SHA256

    0d6863a6a79a5dd02058b08f7afd9d02ca8ed63e1ba50e581dcbd6812c1315b5

  • SHA512

    5e1978f22215afbdd5f377f438a205e631755aff14e9a4e50116f3ff1e1c36e6c060656a26cd62e0d71f996459b18f42b599ee0f7f1a7d628d6358dca9c30565

  • SSDEEP

    3072:Um/E8k9ZjpIn+zNch12KbAwSaSDJSp83b8EG:N/E8k91rz6/t68EG

Score
10/10

Malware Config

Extracted

Family

marsstealer

Botnet

Default

Signatures

  • Marsstealer family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3048-0-0x0000000000400000-0x000000000043D000-memory.dmp
    .exe windows:5 windows x86 arch:x86

