General
-
Target
1296-3-0x0000000000400000-0x000000000063B000-memory.dmp
-
Size
2.2MB
-
MD5
a8f1909c7168d6eb3be635c6223a44bb
-
SHA1
d62566e73bd59e7824addc5fc0f57a4ac2aae3ed
-
SHA256
b8dbfaf79f757b08141cb18efffd054149daca17ed17562f5344ab7aa923d3aa
-
SHA512
76cbce0b7e2f9429e11643c800e7d7bd5addd13f75ce50a93bf851582024faedf2d8873930c392e844f1744c0924c020321b29b0506ab28269791710fe5a7712
-
SSDEEP
3072:ivyLlG8KPgpJSG61doHN4NoQiUukOoy0bzyRy2GxhGJdU:ivyhJryZoIohvkOpE+M2GzAd
Score
10/10
Malware Config
Extracted
Family
stealc
Botnet
default100
C2
http://185.172.128.150
Attributes
-
url_path
/c698e1bc8a2f5e6d.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1296-3-0x0000000000400000-0x000000000063B000-memory.dmp
Headers
Sections