General
-
Target
2968-160-0x0000000000400000-0x0000000001A19000-memory.dmp
-
Size
22.1MB
-
MD5
365bee44a3f565c2edd643920638cb51
-
SHA1
491c28d4739b438a1f40b52de6629c4f3fd4309f
-
SHA256
0670220fddef3b96f1a95510b2d35799f012fc33abb4361a60d966ee191bba3b
-
SHA512
764439964d20ecd0050507be43d9ecd648a2c1191de10d54b300997fe909015f0e4e63fd540c56acf3998fda9a8537284ee071559ead3e0d2499babe70995cd3
-
SSDEEP
3072:uvTLlG8KPgpJSG61doHN4NoQiUukOoyQSLGJ4qUkHEIFeI7Ild:uvThJryZoIohvkOpfABtEIFe1d
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://185.172.128.62
Attributes
-
url_path
/902e53a07830e030.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2968-160-0x0000000000400000-0x0000000001A19000-memory.dmp
Headers
Sections