General

  • Target

    1372-56-0x0000000000400000-0x0000000000428000-memory.dmp

  • Size

    160KB

  • MD5

    15a3bb8b8dda740a4f346579add74370

  • SHA1

    37447fd87633f0093691338303a68fb32dd4c7cb

  • SHA256

    f0deba4cf2ee735cec1b3ab4ff170ed9051785cb2f9f4134c751b204c2d76d5d

  • SHA512

    47422b90b2dad5de36a8f5c6ff0cc1b76eaa4c7c91f45d01f7729f33a86d10bbe4ffb318f9ae8ac7d50f137e854dceb75e8c4dd402b6256a4fc03a28492a52cd

  • SSDEEP

    3072:wYO/ZMTFMtFswLs7eXwQBpGV7DFjyRXlhLSS0r:wYMZMBMtFs7CgQe8Blh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@wuz1muu

C2

79.137.204.112:80

Attributes
  • auth_value

    a3a33a7e6530b7d72a0b8cb8ad20aa64

Signatures

  • RedLine payload (1 IoC)
  • Redline family

Files

  • 1372-56-0x0000000000400000-0x0000000000428000-memory.dmp
    .exe windows x86

