General

  • Target

    2700-90-0x0000000000400000-0x000000000041E000-memory.dmp

  • Size

    120KB

  • MD5

    517b88f9d34437325463869e5936a562

  • SHA1

    be0113f8cbc0b3bc62362e2361224979da9ca4b7

  • SHA256

    94d9cf202e01711fd5c600a76a808c53e0f47cdc4917ee4a46dea2841cc2f865

  • SHA512

    dad49e73c20f4204c2b8777460ad94167128cc72837619bb1907f18e165d405ab563f75dabff3520a5f36afdff25a54b65f80ecf0dfa804c5ac7534256fb5cda

  • SSDEEP

    1536:9qsINqLGlbG6jejoigI343Ywzi0Zb78ivombfexv0ujXyyed2R3teulgS6p:rAMOY3+zi0ZbYe1g0ujyzd5

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

161.129.36.99:55615

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2700-90-0x0000000000400000-0x000000000041E000-memory.dmp
    .exe windows x86

