Overview

overview

10

Static

static

10

1100-95-0x...ry.exe

windows7-x64

10

1100-95-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1100-95-0x0000000004780000-0x00000000047C4000-memory.dmp

  • Size

    272KB

  • MD5

    f6d8ff48ca6845f237b01418db080c16

  • SHA1

    3a98e23692f4d0f108fbaca6dbf78087841996a3

  • SHA256

    ffaabc9df8c9f5ddc5f85b137c3b81eddb7fa9c8cb4f20e0e5cf46e621fac44a

  • SHA512

    d7223b39a5fa48a87f3d15a46176abee84afc2930fdcd66e1fec4ca80016c26f8fe137f8fa8c9d5b5a07b33d197f66fd1ff9f415eaf8938090bf20847cd97ef2

  • SSDEEP

    3072:K6jYELp6VFxCcOmX9KWePM+wLQDCvgUo40fZ7IWfHhKdnHJEDCxNn2pU9f2MKTVi:K6j+kIILM+wLiYwSaHhQnHD

Score
10/10
fredyredline

Malware Config

Extracted

Family

redline

Botnet

fredy

C2

62.204.41.170:4132

Attributes
  • auth_value

    880249eef9593d49a1a3cddf57c5cb35

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline

Files

  • 1100-95-0x0000000004780000-0x00000000047C4000-memory.dmp
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections