General
-
Target
2600-153-0x0000000000300000-0x0000000000543000-memory.dmp
-
Size
2.3MB
-
MD5
47f9c1aa57bfda499466b083f834e0b7
-
SHA1
6f58edc1d7827eb2adc844585993057a871a91ee
-
SHA256
78382c9fce783496fba25f7577c6c30f525f2a551ad06c0d197027972421878d
-
SHA512
d286ede8db73f278e3085d1eb7b4b3ad2eba3fb27e0179b9f007d3ad3fdd3e91e28457deb0bdd2d1633c7c8e70d6f836eca027836d26c5f41bcfed8ec14bb4d9
-
SSDEEP
3072:GUAXRFTQjn4qLqVEM+433nGqa6krg8sgW1iTtFm7N9rZ6Jia:GUAvTWnhq+MHXGqSrgpgFQ/a
Score
10/10
Malware Config
Extracted
Family
stealc
Botnet
default
C2
http://185.215.113.17
Attributes
-
url_path
/2fb6c2cc8dce150a.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2600-153-0x0000000000300000-0x0000000000543000-memory.dmp
Headers
Sections