General

  • Target

    2820-77-0x00000000008C0000-0x0000000000F5D000-memory.dmp

  • Size

    6.6MB

  • Sample

    250209-xzdekazpcy

  • MD5

    dbef425a2028266d1d693e27133131c7

  • SHA1

    0c0d632915501849bf354b8dd3eb68226c493480

  • SHA256

    7357550610fc1d6cbb764ee161f31bc6f9542d5858bfb35126311c1d8f5741e9

  • SHA512

    452fe0db8b1e3784efdb64643543e0cd6f6d54ecbbfdb5bce78f7b4ad965e39ae58ae2188de254c8e3835b637a458eb809f1dab6634c456c242ffa88137068f2

  • SSDEEP

    49152:nNvyrnUvExpt6Mh8tSgzCBZnjdetuVvUNqBk12gOeAAbGYdRcCR7n9h/Y:UbUvERphGzInj8JAk12JeASH7ph/Y

Malware Config

Extracted

  • Family

    stealc

  • Botnet

    reno

  • C2

    http://185.215.113.115

  • Attributes

    • url_path

      /c4becf79229cb002.php

