General

  • Target

    2972-145-0x0000000000400000-0x0000000001A17000-memory.dmp

  • Size

    22.1MB

  • MD5

    fc6dd4514ac788dd5086f0c6326e6337

  • SHA1

    017c43cc8c2ad755fb7b6997f45e7e2081578237

  • SHA256

    a60b66f08fc3526e88859b2ea7adb9d2bb826e3947bd7becd543c118c0bd13e6

  • SHA512

    eb866f03b6fcf867b0cad3530ce0551249c7708c473068a98dec6d60c62324beb4a8800c9024432adbfb8cd0f15155f2dbd686df458f1be9b6571007e5b5e977

  • SSDEEP

    24576:70oFj0eGipxOs4R4bM8s/kr0e1DHM2AfGHCkc5aFB5J4NnadtRpTpJA2whKOtOfr:AoFjAde

Score
10/10

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.150

Attributes
  • url_path

    /c698e1bc8a2f5e6d.php

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2972-145-0x0000000000400000-0x0000000001A17000-memory.dmp
    .exe windows:5 windows x86 arch:x86

