Overview

overview

10

Static

static

10

3944-310-0...ry.exe

windows7-x64

3944-310-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    3944-310-0x0000000000400000-0x000000000041E000-memory.dmp

  • Size

    120KB

  • MD5

    c6f38ef9fee214dacdf0e79865cec599

  • SHA1

    3bee3825f5c53cb41d1ad5c7f3ef86b0199bdd25

  • SHA256

    d9f3c3db3ef6be4540f8b6cd93e11a31688f173a8ac3cd3615adecb511bba092

  • SHA512

    2271fecda68bd00d202644c879fb0c2a9976cd94baf202d157ece5ba251a7dc0d20472c1bc3df5bcad04fa0c91c991fe83afd1fda7d84d7479ecc94b9e053fe3

  • SSDEEP

    1536:Vqs+5qeUlbG6jejoigI843Ywzi0Zb78ivombfexv0ujXyyed2ztmulgS6pA:TSlMY8+zi0ZbYe1g0ujyzdbA

Score
10/10
ultimatecrackpackredlinesectoprat

Malware Config

Extracted

Family

redline

Botnet

UltimateCrackPack

C2

51.83.170.23:16128

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • SectopRAT payload 1 IoCs
  • Sectoprat family
    sectoprat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3944-310-0x0000000000400000-0x000000000041E000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections