General

  • Target

    2136-3-0x0000000000400000-0x000000000063B000-memory.dmp

  • Size

    2.2MB

  • MD5

    1d864530dbbffde894353e83581e887a

  • SHA1

    fb72ee4e811fbdd89e7bace309f8667bcf63b7d6

  • SHA256

    a6b308bfc1845bdd1d5c3d31acab09c1deb1334644e366b15b407b40bfebd6b8

  • SHA512

    9fa29c10d4450b2716f3cff14f44e48f9927492043a0aba0a9154f6b98a36141dadfd22278cbc31e3493131008576512aa409de9387ddcd1a2c8087d05952854

  • SSDEEP

    3072:uD57MfoQ5nUjcMdN4AQiU9UpTy5XcrGJ+4:uD54fjx7Wxh0UpuxgA+

Score
10/10

Malware Config (extracted)

  • Family

    stealc

  • Botnet

    default11

  • C2

    http://185.172.128.170

  • Attributes

    url_path: /7043a0c6a68d9c65.php

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2136-3-0x0000000000400000-0x000000000063B000-memory.dmp
    .exe windows:5 windows x86 arch:x86