General

  • Target

    2052-170-0x0000000000400000-0x0000000001A19000-memory.dmp

  • Size

    22.1MB

  • MD5

    6038317e25aaa1f1ec57960d3a630432

  • SHA1

    769b883a3dd13e2525210fb53bd24da44c2c166a

  • SHA256

    2305ebb87d7bdb7ab5c3724303a5ba1073bf6196d383b36feb2a3c6123cae48f

  • SHA512

    6b3a3d6da269616e4151cd18d40895e4c13dd0e17628902dac73da61dfc81dd864c15bf41b5479c632ecc22c2c6168e8f4952a36c9342c9638641b45cca057cb

  • SSDEEP

    3072:uvTLlG8KPgpJSG61doHN4NoQiUukOoyqqSLGJaU8HEIFeI7Ild:uvThJryZoIohvkOpyAadEIFe1d

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.62

Attributes
  • url_path

    /902e53a07830e030.php

Signatures

  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2052-170-0x0000000000400000-0x0000000001A19000-memory.dmp
    .exe windows:5 windows x86 arch:x86

