Overview

overview

10

Static

static

10

2744-94-0x...ry.exe

windows7-x64

2744-94-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2744-94-0x0000000000400000-0x000000000041E000-memory.dmp

  • Size

    120KB

  • MD5

    aa392809c966961907c5db382dd133ca

  • SHA1

    c8b4f0aa1eda05eec6fa9f5343777aa3069f3ef2

  • SHA256

    33690827ac63f019f24c3537ae316cc8baa4d2c1077d7c2c32b5191aa42576fa

  • SHA512

    d822c25e24ae20dcac4af7c9ab8d735bbf6a3051ed1b285b011e775a8741a942a9caa20c1fb31161963a79581dbceca5658a09a84aa26823a91774c30d5e7caa

  • SSDEEP

    1536:5qs8OqJGlbG6jejoigIj43Ywzi0Zb78ivombfexv0ujXyyed223teulgS6p:XHuOYj+zi0ZbYe1g0ujyzdw

Score
10/10
cheatredlinesectoprat

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

178.162.141.234:55615

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • SectopRAT payload 1 IoCs
  • Sectoprat family
    sectoprat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2744-94-0x0000000000400000-0x000000000041E000-memory.dmp
    .exe windows x86


    Headers

    Sections