General
-
Target
2456-6-0x0000000000400000-0x0000000000661000-memory.dmp
-
Size
2.4MB
-
MD5
b8904f99e4b7fee4e83e5d3870f91da6
-
SHA1
5a725f15413d14c0dae39e39da593180be4868d5
-
SHA256
fffb639ea84d609bfd1f0abf9b9e79630c7bc6f6622f499d146d453f52f84ce5
-
SHA512
b7268303edbe08e1a97d463cff24fb8865f052cfdeceef0abb806c757200e357d0827ff0a7fe32e7bd8977f22d990241df08883ef23028d890dbcf12c8e80291
-
SSDEEP
3072:CBy+Ni+pxLMtUohuCugHsxMiiI4E2jJxKVhGecfkXgdrKUzrFC:CDi8xYtUokCulxMfpbK+engkcrF
Score
10/10
Malware Config
Extracted
Family
stealc
Botnet
default
C2
http://46.8.231.109
Attributes
-
url_path
/c4754d4f680ead72.php
Signatures
-
Stealc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2456-6-0x0000000000400000-0x0000000000661000-memory.dmp
Headers
Sections