General
-
Target
1616-173-0x0000000000400000-0x0000000002AF3000-memory.dmp
-
Size
38.9MB
-
MD5
58767ff52f197bbd06b10e9a32c14b14
-
SHA1
48430ab0400bf771ab2a967773a912fd11705468
-
SHA256
20f3ed7fe392fbe561895c8fd025790648bcb6f153ce7ec01d95ca49250e0b3f
-
SHA512
9c66c1913927df0de30b8d8c15697e43ee3031c58578544689d837abcb2ddac756186541a5b0423d755adf60fc432febbaa5c63c633697a8bed12219df9ed781
-
SSDEEP
24576:+0oJPSXDikTxUxv/3BObPdtjyT+nzUhb1NrcvXf5ySRRvse8rO52fi03ah1IMK4B:FoJP
Score
10/10
Malware Config
Extracted
Family
stealc
Botnet
default100
C2
http://185.172.128.151
Attributes
-
url_path
/7043a0c6a68d9c65.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1616-173-0x0000000000400000-0x0000000002AF3000-memory.dmp
Headers
Sections