General

  • Target

    2604-252-0x0000000000010000-0x000000000002E000-memory.dmp

  • Size

    120KB (0x1E000 = 122,880 bytes, matching the dumped range 0x10000-0x2E000)

  • MD5

    c8bd5fdbac683be29b3949ba6a55adc4

  • SHA1

    3d24abdb158d9c2fb3a65be65538e86895b5ab9e

  • SHA256

    3f0beb57e3e5a6165edcbb4c06840ce99617c3738ed0b3e5307af7d89de972f7

  • SHA512

    f9a2f4ea5a33c07ffee53c82ed44a7f69cf0d2cc0e056726ef0f0c71e3dab48f1c6737b8364ad12ab33d5ec71a0fa766573fbaa8c69c2823a56d042524139e0f

  • SSDEEP

    1536:kqskoqu3lbG6jejoigIH43Ywzi0Zb78ivombfexv0ujXyyed2atmulgS6pnl:it1FYH+zi0ZbYe1g0ujyzden

Malware Config

  • Extracted

    Family: redline
    Botnet: pixelscloud2.0
    C2: 85.209.176.128:80

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • SectopRAT payload (1 IoC)
  • SectopRAT family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
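
The Unsigned PE signature is a header check, and it is worth seeing what it actually tests and why it fires on a memory dump. The block below is an added example written for this page, not the sandbox's own detection code: it parses the optional header, reads data directory entry 4 (IMAGE_DIRECTORY_ENTRY_SECURITY) and inspects the WIN_CERTIFICATE entry it points at. The PE images it runs on are constructed in code and are not this report's sample, and the placeholder certificate body is not a real PKCS#7 blob. The third outcome matters for this report: the security directory holds a raw file offset rather than an RVA, so the certificate table is never mapped into the process. A region dumped from memory, like the 0x10000-0x2E000 target here, therefore looks unsigned or truncated even when the on-disk binary was signed, which makes this signature weak evidence on its own for a dumped payload.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4       # index into the optional header's data directory
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # Authenticode PKCS#7 SignedData
WIN_CERT_REVISION_2_0 = 0x0200


def authenticode_status(data: bytes) -> str:
    """Classify a PE image as 'signed', 'unsigned' or 'truncated'.

    'signed'    : directory 4 points at a WIN_CERTIFICATE inside the buffer
                  whose type is PKCS_SIGNED_DATA.
    'unsigned'  : directory 4 is empty (offset or size is 0), or the entry it
                  references is not an Authenticode certificate.
    'truncated' : directory 4 is populated but points past the end of the
                  buffer, which is what a memory dump of a signed file looks
                  like, because the certificate table is never mapped.
    Raises ValueError for anything that is not a parseable PE.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")

    coff = e_lfanew + 4  # IMAGE_FILE_HEADER: 20 bytes
    (_machine, _nsections, _ts, _symptr, _nsyms,
     size_of_opt, _chars) = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: NumberOfRvaAndSizes at +92, directories at +96
        dd_base = opt + 96
    elif magic == 0x20B:    # PE32+: NumberOfRvaAndSizes at +108, directories at +112
        dd_base = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    if dd_base - opt > size_of_opt:
        raise ValueError("optional header too short for data directories")

    num_dirs = struct.unpack_from("<I", data, dd_base - 4)[0]
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return "unsigned"
    entry = dd_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    cert_off, cert_size = struct.unpack_from("<II", data, entry)
    if cert_off == 0 or cert_size == 0:
        return "unsigned"
    # Unlike every other directory, this field is a file offset, not an RVA.
    if cert_size < 8 or cert_off + cert_size > len(data):
        return "truncated"
    length, _revision, cert_type = struct.unpack_from("<IHH", data, cert_off)
    if cert_type != WIN_CERT_TYPE_PKCS_SIGNED_DATA or length < 8 or length > cert_size:
        return "unsigned"
    return "signed"


def build_minimal_pe(signed: bool, truncate: bool = False) -> bytes:
    """Constructed PE32 image used as sample input (not a real binary).

    DOS header, PE signature, COFF header, a 224-byte optional header with 16
    data directories and no sections. With signed=True a placeholder
    WIN_CERTIFICATE is appended and referenced from directory 4; with
    truncate=True those trailing bytes are dropped again, mimicking a dump.
    """
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)  # i386, 224-byte opt hdr
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                          # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                             # NumberOfRvaAndSizes
    headers_len = len(dos) + 4 + len(coff) + len(opt)              # 312 bytes
    cert = b""
    if signed:
        body = b"\x30\x82\x00\x00"  # placeholder bytes, not a real PKCS#7 SignedData
        raw_len = 8 + len(body)
        padded = (raw_len + 7) & ~7  # WIN_CERTIFICATE entries are 8-byte aligned
        cert = struct.pack("<IHH", raw_len, WIN_CERT_REVISION_2_0,
                           WIN_CERT_TYPE_PKCS_SIGNED_DATA) + body
        cert += b"\0" * (padded - raw_len)
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         headers_len, len(cert))
    image = dos + b"PE\0\0" + coff + bytes(opt) + cert
    return image[:headers_len] if truncate else image


if __name__ == "__main__":
    for label, img in (("plain", build_minimal_pe(False)),
                       ("signed", build_minimal_pe(True)),
                       ("signed-then-dumped", build_minimal_pe(True, truncate=True))):
        print(f"{label:>20}: {authenticode_status(img)}")
```

Run it as a script to see the three classifications; to apply it to a real file, read the bytes and call authenticode_status on them. The check stops at the WIN_CERTIFICATE type; it does not validate the PKCS#7 blob or the certificate chain, which is exactly the depth of a "missing Authenticode signature" signature.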

Files

  • 2604-252-0x0000000000010000-0x000000000002E000-memory.dmp
    .exe windows:4 windows x86
