stealc | 3188-0-0x0000000000960000-0x0000000001011000-memory[.]dmp | Triage

Sharing

General

Target

3188-0-0x0000000000960000-0x0000000001011000-memory.dmp
Size

6.7MB
MD5

cc17f87d5c1de1aa6dd20f493aeb8a74
SHA1

181c355307f3ea7c879995740eeb81b64623d709
SHA256

5f2473f3ffa57bb96f48fe1c74ea5c7e32209fe4485d746477e74e7900597796
SHA512

c169534638dedac7d65349d2eba7273544dfa29a6cfec9a8aaae59f8be174d39b20ac0ddde63c54a80c954bec59352a18150a5046f2935cffc9b31e0d44701ad
SSDEEP

3072:VfeGxUJCa6sn53V6GGIXTkfJvQyMJejY8jIq/uHksA0/v+Q98X1P:7O8aj3V/a3MJ2H0GuHkivzqB

Score

10^/10

stealc

Malware Config

Signatures

Stealc family
stealc

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3188-0-0x0000000000960000-0x0000000001011000-memory.dmp

Files

3188-0-0x0000000000960000-0x0000000001011000-memory.dmp
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 90KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vqlcitjt
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dltifpvk
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE