General

  • Target

    2080-178-0x0000000000400000-0x0000000001A18000-memory.dmp

  • Size

    22.1MB

  • MD5

    b138bcf5b9c24fe91b151920ca371967

  • SHA1

    25edb51e7e13476195cce3bbcb0f5551563850e9

  • SHA256

    fced630a723762450f63e6c98f66548fc439b45ebace3bd66ba3141a171dcaa1

  • SHA512

    6718f37d481a7924b6ad4797b0c56f66bb18771d30f94f587391ae68dbe0337467af8293860b2e6662c55cb66a219053ebae1d2511070ae4db8a4f2b46077360

  • SSDEEP

    24576:+0oaPT64LN+R0Rv/3hu7v9SAioJnz0B7VtLcvXeEijAxPM+8rOZW/inAqKiosq4j:FoaP9TU

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.151

Attributes
  • url_path

    /7043a0c6a68d9c65.php

Signatures

  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2080-178-0x0000000000400000-0x0000000001A18000-memory.dmp
    .exe windows:5 windows x86 arch:x86

