General
-
Target
4856-40-0x0000000000400000-0x0000000000643000-memory.dmp
-
Size
2.3MB
-
MD5
3b62a6dc4751d06a812583b0cdcedc2b
-
SHA1
53eb346d775575fff2430bf4b896fa5698fa52ef
-
SHA256
efcafca57eca023eba232c6d655ac33a8bc59b3a49504c10908f4e452ed12ca7
-
SHA512
5803b3cc9d8babe3a37dcfa19b195796e6719ddf10c6f944c36149692b57988786f68d42a46b6492ab5edbd6ff4435039ad4a224728390b25c446cd2affe4aee
-
SSDEEP
3072:D1Ve1NFj5qD6o8KaxfE54HnnGiayl+beX8nt4I1FrJKa:D1s1jj5q62aOanGiqbIm1FdKa
Score
10/10
Malware Config
Extracted
Family
stealc
Botnet
default
C2
http://85.28.47.31
Attributes
-
url_path
/5499d72b3a3e55be.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4856-40-0x0000000000400000-0x0000000000643000-memory.dmp
Headers
Sections