General
-
Target
5576-512-0x00000000007F0000-0x000000000080E000-memory.dmp
-
Size
120KB
-
MD5
ab418fe60e44c3557a0933d575a168dd
-
SHA1
806dfcdd4ff225b67d8c1277243d93aa035d469a
-
SHA256
3b3e944d3d58533093ee85bcd1b12a51dba0952d4c85c992ea749f59ac158e65
-
SHA512
061296bd9de3ac5aff218eabc526c7caf72d1a11bb03dc541cb4643382b25c18602756794ce5d6ea301cca9e96d8f5e391d48ca4a8f5a8a3fd2fa4bf54694367
-
SSDEEP
1536:xqsK1tqzClbG6jejoigIr43Ywzi0Zb78ivombfexv0ujXyyed2u3tmulgS6pk:f2tAyYr+zi0ZbYe1g0ujyzdsk
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
cheat
C2
54.91.200.119:80
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
SectopRAT payload 1 IoCs
-
Sectoprat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
5576-512-0x00000000007F0000-0x000000000080E000-memory.dmp
Headers
Sections