General

  • Target

    964-66-0x0000000000400000-0x0000000000428000-memory.dmp

  • Size

    160KB

  • MD5

    414c2e128295045bdbf25f68d962306c

  • SHA1

    496525ccb3949d59af2ebebb7e59f0dfd6f5ae5e

  • SHA256

    3aac3d6a929ff6864ebb59c802c3b19a8814ec37fe2f2947e03a24465a3b1950

  • SHA512

    cd148b9b62bb152f1d0d0ae346d219042b821ebf5acce580eded9083dbc49dc328ce137e6b001789ae17e19052cd15fa10515649d3108b9274a04113534f2fc0

  • SSDEEP

    3072:5YO/ZMTFSvGYsniX0Gkkn+LYZVPDF85RXXhjSS:5YMZMBSvGYxEGkk+LYTOBXh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

colybr

C2

188.119.112.156:24790

Attributes

  • auth_value

    f6f76d681091d5a2764934b620eadcac

Signatures

  • RedLine payload 1 IoCs
  • Redline family

Files

  • 964-66-0x0000000000400000-0x0000000000428000-memory.dmp
    .exe windows x86
