General

  • Target

    2940-17-0x0000000000400000-0x0000000000646000-memory.dmp

  • Size

    2.3MB

  • MD5

    12315b6bb80a4c0c26b0843383de2519

  • SHA1

    abefe1745091cf23b179ca36d310b02958d08657

  • SHA256

    4b9a1e4b66e74e0eb53717b485f1d35c5ab34427346a74a80c569ed9b68ea03d

  • SHA512

    ff3612f6fd8687428744678ff37f6924bfb1916077062bdbbfe55f75316e16229bb6fbe167e7eae9be591bfe24ff68c82c0e30beb44da68f216abf9674000861

  • SSDEEP

    3072:Gf8nGHElvZZT+4qXcHvuefUbgtvfYtgJSmrjCBUv:m8nFlvCxBX2XYKSsjUA

Score
10/10

Malware Config

Extracted

Family

stealc

rc4.plain

Signatures

  • Detect Vidar Stealer (1 IoC)
  • Stealc family
  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2940-17-0x0000000000400000-0x0000000000646000-memory.dmp
    .exe windows:5 windows x86 arch:x86

