General

  • Target

    2324-155-0x0000000000400000-0x0000000000643000-memory.dmp

  • Size

    2.3MB

  • MD5

    6a3ada6cb5cc02a008926432cff76efa

  • SHA1

    a827ee3e7f0fdba888242d7bf4cad5acfa0eb1a7

  • SHA256

    03850beb168b67a02348d63cddf4467518e15a4d71d890504cd30e2007311e0c

  • SHA512

    c8586dacfd9f18997ebb36e73c95daac3ceb4f1cae3c0ed1f576b9d45f6a2f718832da1e54ae575a7e84e5088a462d3896568dc89a1b9a112fa8d532f377f06a

  • SSDEEP

    3072:Wk9W0KFj5qj6o8KaxfE54HnnGqaKl+b2n8OwW1iTtFmpKa:Wkg/j5K62aOanGqCbAvgFAKa

Score
10/10

Malware Config

Extracted

Family

stealc

Botnet

default

C2

http://185.215.113.17

Attributes
  • url_path

    /2fb6c2cc8dce150a.php

Signatures

  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2324-155-0x0000000000400000-0x0000000000643000-memory.dmp
    .exe windows:5 windows x86 arch:x86

