General
-
Target
2336-126-0x0000000000400000-0x000000000041E000-memory.dmp
-
Size
120KB
-
MD5
67ca170bcbd859d70d022c17e1717a5f
-
SHA1
0f93bf97327df276009b0f0b655b06104c7850f7
-
SHA256
584a21e5fba790c5487f3f8bbdcece4d0a3ea57819d4917f49229c24747aee5f
-
SHA512
71a8dfc04c3aa2bf92bfd045eab30238dff87ec53c1faf81459fc3c34ed14397343c09f59a36e2884e73feae609be8db262452b6cd9959aa68dffba970dafd0b
-
SSDEEP
1536:Bqs+FRcqWClbG6jejoigI743Ywzi0Zb78ivombfexv0ujXyyed2ctmulgS6pUl:veRclyY7+zi0ZbYe1g0ujyzdIU
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
CashOutGang
C2
4.229.227.81:33222
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
SectopRAT payload 1 IoCs
-
Sectoprat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2336-126-0x0000000000400000-0x000000000041E000-memory.dmp
Headers
Sections