General

  • Target

    1136-215-0x0000000000400000-0x0000000002AF3000-memory.dmp

  • Size

    38.9MB

  • MD5

    8eac4708827f595c26059012e65eb679

  • SHA1

    42e7604d99cfd062510db65b2ae1aeb3dc23f621

  • SHA256

    a73a43b8a4dc4bf4a740a2aca972423b46ba2bbf2d58f12bb937a91d40046795

  • SHA512

    b0031729016541d3f9c328ef3ec040535dac74f82121946b84427d4a8a8b5ebe5bd105ee7b45507cef9e1ec95acf097763558f2681c7e4138288aec953d1c282

  • SSDEEP

    24576:70oijEjjikTxUxv/3BObPdtjyT+nzUhb1NrcvXf5ySRRvse8rO52fi03ah1IMK4B:Aoij

Score
10/10

Malware Config

Extracted

Family

stealc

Botnet

default100

C2

http://185.172.128.150

Attributes
  • url_path

    /c698e1bc8a2f5e6d.php

Signatures

  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1136-215-0x0000000000400000-0x0000000002AF3000-memory.dmp
    .exe windows:5 windows x86 arch:x86

