General
-
Target
1980-5-0x0000000000400000-0x000000000063C000-memory.dmp
-
Size
2.2MB
-
MD5
8d1f11c401dd065fe890e91ab46443b5
-
SHA1
0be1c1e8e3d7164befa4fa52ec8031a59597681f
-
SHA256
7c0ba8965fdbb6d5bbde54bc6d4b21cd5fcc616a36831aafc660808917ef40c2
-
SHA512
2c0acc7b14cbb6db09313c052e319a332148bb39b43b476f1eea4f9996b96f2111933a85a0a6bc54bc54b4fd9bac570467040a432bbee79afa1a24fc3c76613b
-
SSDEEP
3072:U2BPX9LLbb+Vnh9N47rj7AqBlslal1XMTe5K45sW:U6Z/b+Vnh9Cj1kalpQej
Score
10/10
Malware Config
Extracted
Family
stealc
Botnet
hello
C2
http://91.92.240.120
Attributes
-
url_path
/e2d7d29621e1052a.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1980-5-0x0000000000400000-0x000000000063C000-memory.dmp
Headers
Sections