Overview

overview

10

Static

static

10

1556-78-0x...ry.exe

windows7-x64

1556-78-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1556-78-0x0000000000400000-0x0000000000428000-memory.dmp

  • Size

    160KB

  • MD5

    0ca75ef50ea90941b34c8536b900a9c6

  • SHA1

    f008786950a4381fc355ac4c9c4a27796c5f6b2b

  • SHA256

    5c36e3fcfa9d9f3571cf421b032d600fccc47373d3aaf9a8330fe568cfd89a6c

  • SHA512

    88d0b4049471d3fb01c8231a3989860a018a5fce82748f275711d62f7839cdf0ac9b86c84e58c17afd1535504192d58b9c0381df00a21d854c177cf4c70b41d6

  • SSDEEP

    3072:6YO/ZMTFXnAILj04EIfk2kTHtWVZDF3yRXShqSS:6YMZMBXnAI83Ifk2kTHtcYBSh

Score
10/10
volkaredline

Malware Config

Extracted

Family

redline

Botnet

volka

C2

89.208.106.66:4691

Attributes
  • auth_value

    55e3d2ed624d802226951cc2788e8bbe

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline

Files

  • 1556-78-0x0000000000400000-0x0000000000428000-memory.dmp
    .exe windows x86


    Headers

    Sections