General
-
Target
1740-124-0x0000000000400000-0x0000000000422000-memory.dmp
-
Size
136KB
-
MD5
66ff9a6cd8a1958692177e41dec9eab0
-
SHA1
42e100905cebac3155c5ca78d2ae52a9e783088b
-
SHA256
b3ec6d97072fdc51a325f93571825f21ea4cb004593d76d089a802f78ea027ac
-
SHA512
acb0aac6ada6a85217ae1e02c2aa7709cb46f2a33c187c2e10abd128c9e2d58e338f44c1f0dd192d3ed97f844b499e578f68710f02d3f149696e24c7256ad601
-
SSDEEP
1536:3e1UVb1USV87VnKzPN0jZPIkwjbuRGdwnhhyq/dHVKdbknEbG6qTaoig:uzlw1OZPIk6vwn/yOdHGkEe
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@muffledsnaps_1
C2
185.80.53.81:80
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
SectopRAT payload 1 IoCs
-
Sectoprat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1740-124-0x0000000000400000-0x0000000000422000-memory.dmp
Headers
Sections