General
-
Target
2908-191-0x0000000000400000-0x0000000001A17000-memory.dmp
-
Size
22.1MB
-
MD5
4f28edfc401ba6175b44881cdfe22e6d
-
SHA1
c299e9bb7e3ed10fbd2180d26c41c594891cb983
-
SHA256
52a3b9cd1f3c1588032924cc2980c1b90b28605ec67403bb7e4e8c27a7ce4ba7
-
SHA512
568c80ae806747e3183722573d6acda1c9f496c65b2a3e04ed1a47395524db20a64b7458619e6b91b42a966f24c6037a777bdd691d2abb1837ccb67513e7b5d0
-
SSDEEP
24576:70oJj/SmipxOs4R4bM8s/kr0e1DHM2AfGHCkc5aFB5J4NnadtRpTpJA2whKOtOf4:AoJjude
Score
10/10
Malware Config
Extracted
Family
stealc
C2
http://185.172.128.150
Attributes
-
url_path
/c698e1bc8a2f5e6d.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2908-191-0x0000000000400000-0x0000000001A17000-memory.dmp
Headers
Sections