General
-
Target
1944-5-0x0000000000400000-0x0000000000643000-memory.dmp
-
Size
2.3MB
-
MD5
16ec2c9fa89b3c8efca234564817a122
-
SHA1
938a9c86c0fd742d87c6e2e3b2cbcda45f075c5a
-
SHA256
eee47d7df6d58bee5f02cd15e0a1452d9f8ad6283145812745ceaa6fc23b1c34
-
SHA512
43850960636fd943fc9f5dc96f23312498806b353484c2bf4b72a46788c1708661aca612299e4fa23622f195be93b653d259c4740fd4282c542c571c1b183091
-
SSDEEP
3072:Uk9U0KFj5qj6o8KaxfE54HnnGqaKl+b2n8TZD4LFmpDa:Uky/j5K62aOanGqCbAy4LFADa
Score
10/10
Malware Config
Extracted
Family
stealc
Botnet
default
C2
http://185.215.113.24
Attributes
-
url_path
/e2b1563c6670f193.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1944-5-0x0000000000400000-0x0000000000643000-memory.dmp
Headers
Sections