redline | 2476-27-0x0000000000400000-0x000000000041E000-memory[.]dmp

General

Target

2476-27-0x0000000000400000-0x000000000041E000-memory.dmp
Size

120KB
MD5

6807df51c8d153e20d4a1e89d7c310f6
SHA1

8232d468daa7a66dc030cc3234f85162ee65afa9
SHA256

4cf9b1fef7f32f74f6147e24191b99195ef00d03dcf8fcb877a9de44ddccd218
SHA512

8aa4465708c2a9723bf3a8ee724d2084405cc3c6dab076efea843ecd6209e407d90718cda2c155ef7ed19f11875d177aea6f559d561fac36de2ec5402e5a56a2
SSDEEP

1536:5qsCbqDylbG6jejoigIj43Ywzi0Zb78ivombfexv0ujXyyed2k3tmulgS6p:XEwiYj+zi0ZbYe1g0ujyzd+

Score

10^/10

Family

redline

Botnet

cheat

C2

185.222.57.134:55615

RedLine payload 1 IoCs

Processes:

resource yara_rule

sample family_redline
Redline family
redline
SectopRAT payload 1 IoCs

Processes:

resource yara_rule

sample family_sectoprat
Sectoprat family
sectoprat

resource	yara_rule
sample	family_redline

resource	yara_rule
sample	family_sectoprat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2476-27-0x0000000000400000-0x000000000041E000-memory.dmp