General

  • Target

    400-1426-0x0000000000BA0000-0x0000000000BBE000-memory.dmp

  • Size

    120KB

  • MD5

    f5dc7aef2704b93bec66a629aee69dd0

  • SHA1

    f00739d5fd26f9ec012823eab6341d4b0fd3cc9a

  • SHA256

    4b5dea10a7ad64190852b7f27e7cca300ccfbdc6a0162328aefb169e68ea89b3

  • SHA512

    3f86e36c26c6954de450046d34e7d6a65a370bae0e85e1419ec7ef2eac1e6d2ebeebed96d12f2718ebfe2f140ce3cc5ad5c6637df7274b6c4d49793f0d88aad3

  • SSDEEP

    1536:ZqswOqJGlbG6jejoigIj43Ywzi0Zb78ivombfexv0ujXyyed2P5teulgS6pOl:37uOYj+zi0ZbYe1g0ujyzdOiO

Malware Config

Extracted

  • Family

    redline

  • Botnet

    pixelnew2.0

  • C2

    194.49.94.11:80

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 400-1426-0x0000000000BA0000-0x0000000000BBE000-memory.dmp
    .exe windows:4 windows x86