General

  • Target

    3032-46-0x0000000000F40000-0x00000000015C9000-memory.dmp

  • Size

    6.5MB

  • Sample

    241002-18tdxstela

  • MD5

    0c0fdda4f6763e81aed8431631b392a6

  • SHA1

    60c5634f48b1b9e09650b8dcc5cc246824727a9a

  • SHA256

    3dcf9f1865805eaca3a364500666926c3b1ae90c72bdbcc2c7a930d397e819ff

  • SHA512

    13614a96cea5ffbddbc472abe41fabc305e499b4b1f48c249daf6de516e6d3ec077e44c62fbfd78ca678a83c3d1de256d169813bd4ec304b786eb7cbb7fbe950

  • SSDEEP

    49152:HwnZq+NraAcxztZTILEmWelu2gUGvLtl3pCj4xLDDf6s/WkFJ/g5:HwnJNr2wL6QLgUGvkj8j6Ww

Malware Config

Extracted

Family

stealc

Botnet

doma

C2

http://185.215.113.37

Attributes
  • url_path

    /e2b1563c6670f193.php

