General

  • Target

    31000-553-0x0000000000240000-0x00000000008D0000-memory.dmp

  • Size

    6.6MB

  • MD5

    936df628be6764b070637665ec415598

  • SHA1

    f7b387fec3b8390b7fbbb4c79a1f32254d6bea2a

  • SHA256

    63adda3eebe9f0e2d53040447fba36e4a003d00aea05062300e36f064d93b6b1

  • SHA512

    d387c6e4589f74016374742db6d9aa1b394bf74e5e612dfc1f8fd251d64e1a81be06a38ce737fd16301c602401b0d9d0f7c06c0b6cff5b4a4dc5ce27ce138a24

  • SSDEEP

    98304:uegfdT7yZhlAb/dIQwoXfquEsXKs3BU3o9kY4/kB:3AJFTiuj6Cm3oG

Score
10/10

Malware Config

Extracted

Family

stealc

Botnet

stok

C2

http://185.215.113.206

Attributes
  • url_path

    /c4becf79229cb002.php

Signatures

  • Stealc family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 31000-553-0x0000000000240000-0x00000000008D0000-memory.dmp
    .exe windows:5 windows x86 arch:x86

