General
-
Target
4508-99-0x00000000005C0000-0x0000000000803000-memory.dmp
-
Size
2.3MB
-
MD5
df136af2ade6327431f6b60a3738a216
-
SHA1
9dd87bfeee93d55116898075ab85002d5ba8e1f9
-
SHA256
9cc338adc9ad691dcdfeb8dfe13369bf40a6418977f596545427f2fd215e8ee8
-
SHA512
ab9f0b1d23a1ff19803064ab852422248fda953a7cec3dfd2e703208fefa0e345defc57de9c88d08f96f783758ae9f22f219d8ac9eac2f3fa733234ce9b15e4a
-
SSDEEP
3072:o44XIsDtCKQTueTQM2R5UR4bTnGyaesHCF8bFD4LF+ddda:o44XhR/wl2Ra2LGyOHwC4LF+nda
Score
10/10
Malware Config
Extracted
Family
stealc
Botnet
default
C2
http://185.215.113.24
Attributes
-
url_path
/e2b1563c6670f193.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4508-99-0x00000000005C0000-0x0000000000803000-memory.dmp
Headers
Sections