General
-
Target
1792-3-0x0000000000400000-0x000000000063B000-memory.dmp
-
Size
2.2MB
-
MD5
6a0e161916b3c9764ae4075e08a2324a
-
SHA1
0067992ab3035b4c5a1929cefb8bf6242bb5eb83
-
SHA256
534418378aba5fb0f31e6df07320a32920d1ecf8300b89779f448af84db6db81
-
SHA512
d460d1ca6d455e764c15709b470f0728dd37aca68ed3ad1d49ae7377869ba589b3b41e83eb1734a54013b1f1b56c48c6426ff613fdf094475db572f21c941ae8
-
SSDEEP
3072:8D57MfoQ5nUjcMdN4AQiU9UpTyPIhJFtxGJJ4:8D54fjx7Wxh0Upu2ztxAJ
Score
10/10
Malware Config
Extracted
Family
stealc
Botnet
default12
C2
http://185.172.128.170
Attributes
-
url_path
/7043a0c6a68d9c65.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1792-3-0x0000000000400000-0x000000000063B000-memory.dmp
Headers
Sections