General

  • Target

    2612-226-0x0000000000A80000-0x0000000000CC3000-memory.dmp

  • Size

    2.3MB

  • MD5

    00b6605ce640ad44e32f1bfd533215f1

  • SHA1

    e2c60f64dd76473ba213aeffae97c641b130748e

  • SHA256

    cc1548df420ed53af56ef48475a21a713d22eb56467316f1ceb3b976839e263f

  • SHA512

    c1e9fe388e2e4f38a629a0759f69b7f66b412ca662c2175633987b45eb4be72d08019babd731a7d9be7ad68c2cba980ccf7b7ff8c6b1d0c8bc161b6d8a815201

  • SSDEEP

    3072:+8QUc1LwjZ7id0J415PnG66y0jgsZUIW1iTtF2xUa:+8QUcLw5iGy5vG6ajgvgFYUa

Score
10/10

Malware Config

Extracted

Family

stealc

Botnet

default

C2

http://185.215.113.17

Attributes
  • url_path

    /2fb6c2cc8dce150a.php

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2612-226-0x0000000000A80000-0x0000000000CC3000-memory.dmp
    .exe windows:5 windows x86 arch:x86

