Overview

overview

10

Static

static

10

5440-547-0...ry.exe

windows7-x64

5440-547-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    5440-547-0x0000000000450000-0x000000000046E000-memory.dmp

  • Size

    120KB

  • MD5

    667ba9aed5f8043222a6a122eeb6dada

  • SHA1

    db9fa06046955f9cc4c12f9203b7120ce4465b45

  • SHA256

    96492a252c0e2d88501f5e2ed4d4fb87fd495984981b77a9e0560ff1c99bb8fd

  • SHA512

    53d1f1162721cc5beb9c0931063714d6a4d00072a9c84f742fdfa5313053d0634dab052b7b7c2104613781b81129773cae223c4e2be5e274cbf58a2421b625f0

  • SSDEEP

    1536:KqswUqhfvlbG6jejoigIb43Ywzi0Zb78ivombfexv0ujXyyed2W3teulgS6pg:4tWfNYb+zi0ZbYe1g0ujyzdgg

Score
10/10
cheatredlinesectoprat

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

ec2-54-91-200-119.compute-1.amazonaws.com:18448

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • SectopRAT payload 1 IoCs
  • Sectoprat family
    sectoprat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5440-547-0x0000000000450000-0x000000000046E000-memory.dmp
    .exe windows:4 windows x86


    Headers

    Sections