General
-
Target
1932-3-0x0000000000400000-0x000000000063B000-memory.dmp
-
Size
2.2MB
-
MD5
42e824ef55b14862c2a5c42e3ae6a2c1
-
SHA1
72615cef22da465f6bbb284310628580c3c3b2c9
-
SHA256
a947f6fb832613492639a118482b9e1ca7df36b350f2b4422ee22c89e8f2e7d0
-
SHA512
276ff2681ace0319de7ab2e578f42fa1b8e87d4a6e6aeefb62a0412ad3c2615457e9789911a68b3c2e3fb65e59fcd942e92ecc840870e0cf703a901c01de7158
-
SSDEEP
3072:ivyLlG8KPgpJSG61doHN4NoQiUukOoyjbzyRy2GxhGJaOU:ivyhJryZoIohvkOpP+M2GzAaO
Score
10/10
Malware Config
Extracted
Family
stealc
Botnet
default100
C2
http://185.172.128.150
Attributes
-
url_path
/c698e1bc8a2f5e6d.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1932-3-0x0000000000400000-0x000000000063B000-memory.dmp
Headers
Sections