General

  • Target

    1660-122-0x0000000000400000-0x0000000000428000-memory.dmp

  • Size

    160KB

  • MD5

    17ddfebde82472c4b039bf1ef8fc2e26

  • SHA1

    9180fb7279c597e387ef34158e8621be3027c448

  • SHA256

    64164f19f26b73cd76d96d41f9da063692f28206c67436c4dd6cd3d50c1cd08a

  • SHA512

    089cd95d6d8a8502814a0999c0b7ed2540817db223bfccc61ab2166073c7a731a82cf6664ecfd7bf6d223e06f3d24b664de4ab6ae421e667586bffb0db656596

  • SSDEEP

    3072:wYO/ZMTF9h9owLZQxwKkQy9yvTlVNDFHyRXnhwSS0P:wYMZMB9h9oSQuKkQy9yRQBnh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

SETH

C2

185.215.113.217:25060

Attributes
  • auth_value

    1442d36104cc73a201f7fb26fd29dadd

Signatures

  • RedLine payload (1 IoC)
  • Redline family

Files

  • 1660-122-0x0000000000400000-0x0000000000428000-memory.dmp
    .exe windows x86

