General
-
Target
2908-4-0x0000000000400000-0x000000000063B000-memory.dmp
-
Size
2.2MB
-
MD5
69444cee8ca91d6c213ed7cbd2320520
-
SHA1
899a21b75277c8360b77c86bc7d4f481beaf823f
-
SHA256
a05bd1520271649d14be824702f4624f899cf7ca4402a68aae008a65be69e07a
-
SHA512
b521c6304ab6e09181b1c816e67161ed5e67b9a6fbe2f592b66bb02fa95c7030c4d1d14032dbc96dfc1d6e8ac567d4eb49610a07bd20d597684115abb8f5aaf7
-
SSDEEP
3072:8PvSlG8SHgpJSG61doHN4NgQaUukOkzybYKrywpur:8PwZryZoIg5vkOkOPymu
Score
10/10
Malware Config
Extracted
Family
stealc
Botnet
install66
C2
http://94.156.8.100
Attributes
-
url_path
/5dce321003e6a6b5.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2908-4-0x0000000000400000-0x000000000063B000-memory.dmp
Headers
Sections