General

  • Target

    1684-38-0x0000000000400000-0x0000000000D7E000-memory.dmp

  • Size

    9.5MB

  • MD5

    404f5b3241b9201cf7d1fbc0754886b5

  • SHA1

    cfa220f174cca4388f837fe0590dd5c08d7c30c1

  • SHA256

    94ec6f95178e786f7e0c83c8e70097ca3886d441f2401ddd8a37a872ff0689f5

  • SHA512

    6a1ecc5e8a4123b446648dc929eaf710667d9484aa282fb33c949a24e2166cd75ffe17fa1f2784e8270238c343325fdf6c27996b08fdbc25f5efa5d000751327

  • SSDEEP

    196608:QYvyzkPxumdz8VzrZgeNMOZdu4aVlNdBg4o2H8g2QKD:QYvyzoomdzGrZgeNPdu4+Nd22H8g/

Score
10/10

Malware Config

Extracted

Family

stealc

Botnet

LogsDiller

C2

http://92.119.114.51

Attributes
  • url_path

    /2048ca003d511226.php

Signatures

  • Stealc family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1684-38-0x0000000000400000-0x0000000000D7E000-memory.dmp
    .exe windows:5 windows x86 arch:x86
