General
-
Target
2708-11-0x0000000000400000-0x0000000000643000-memory.dmp
-
Size
2.3MB
-
MD5
c57953876dfb1d14aa59d3932a38f525
-
SHA1
f6dd85bde14a6d6cd99dd08d4efd085ad3ffb4d9
-
SHA256
5b45cb9daf880483a70b0fd8801a70f0380b49c8bc5e77ef6a887bf3cc61c947
-
SHA512
25bc4f46b472b79f7feeabe3754a5951ff2c4e07331a45c715a3e958eec9e088e022f130513ab0fa102bb630a61a5ede570c58039654db56f54c96de9656d9b0
-
SSDEEP
3072:a1V81NFj5qD6o8KaxfE54HnnGiayl+beX8ngApWFrJKa:a1C1jj5q62aOanGiqbIpFdKa
Score
10/10
Malware Config
Extracted
Family
stealc
Botnet
default
C2
http://46.8.231.109
Attributes
-
url_path
/c4754d4f680ead72.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2708-11-0x0000000000400000-0x0000000000643000-memory.dmp
Headers
Sections