General
-
Target
1232-60-0x0000000000400000-0x000000000041E000-memory.dmp
-
Size
120KB
-
MD5
f1153d73ad2c38d4c9865ffd2e7d82d2
-
SHA1
a0ef3e30ae9e10d503a06c24e362241b3a2d9208
-
SHA256
2e56b80113a8897ef8203248eb38d843651aa25cb326eeca71ff23f6177f70b2
-
SHA512
bd7c922605c3158d12c945699c6e965f674cef3be61961c914bece4c0a84e7223b281279540e4e9a0cc0cfbeb9417fac6c69e41ac79eca8a608c21449969f5f4
-
SSDEEP
1536:xqs+jlqzWlbG6jejoigIr43Ywzi0Zb78ivombfexv0ujXyyed28teulgS6p:f2UeYr+zi0ZbYe1g0ujyzd0
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
base
C2
66.85.27.233:56586
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
SectopRAT payload 1 IoCs
-
Sectoprat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1232-60-0x0000000000400000-0x000000000041E000-memory.dmp
Headers
Sections