General

  • Target

    2220-2-0x0000000000400000-0x0000000000643000-memory.dmp

  • Size

    2.3MB

  • MD5

    c30c4cba9c9e857f3e2976ab1033ce8c

  • SHA1

    7d498e149ab4b9827ee154f58bf3949a6ed91f56

  • SHA256

    718ada7f7661e3ffbb511685c6179280bdb02b533ee21d546990d8427f7678b0

  • SHA512

    662795bbd7a751834c887d9aa80dcaa97dc87e0e6a0195d9edd0346b323e50321b69b4a2e04ad3e0e656480249d69779a4c1dd2c8c86ab277a73ccac314bebaf

  • SSDEEP

    3072:Bk9W0KFj5qj6o8KaxfE54HnnGqaKl+b2n8Q7NaHkmSwisFmp+a:BkE/j5K62aOanGqCbALUEmhisFA+a

Score
10/10

Malware Config

Extracted

Family

stealc

Botnet

dear

C2

http://185.215.113.103

Attributes
  • url_path

    /e2b1563c6670f193.php

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2220-2-0x0000000000400000-0x0000000000643000-memory.dmp
    .exe windows:5 windows x86 arch:x86

