stealc | 2756-0-0x0000000000A60000-0x0000000001116000-memory[.]dmp | Triage

Sharing

General

Target

2756-0-0x0000000000A60000-0x0000000001116000-memory.dmp
Size

6.7MB
MD5

30855b7559e0fac479b6b6e1781878e1
SHA1

804323eeff0388bec9df19009796e9c8d24ddb4f
SHA256

2b3ed78dba20cf7da70db04bb72e0483dbc8cffa55967dabd1fbdfeb17d9dcf5
SHA512

5e7648a9d875bf88b7e676b4bc821b58879956751e07a5b86d40423052ec4ba0d3b69cc6b730608bd7749bc187b7b3277c1bd3a8077387b0d5f20f4c156d7bbc
SSDEEP

3072:7iD/nkkoY8Uwo5cKW5YitcX4TNrEmYWF3j8soHc4:7uPTD8Uwo5cKfi2GfYgj8z

Score

10^/10

stealc

Malware Config

Signatures

Stealc family
stealc

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2756-0-0x0000000000A60000-0x0000000001116000-memory.dmp

Files

2756-0-0x0000000000A60000-0x0000000001116000-memory.dmp
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 138KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pciwzsqs
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ngimkhje
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE