General

  • Target

    4248-138-0x0000000000400000-0x0000000000432000-memory.dmp

  • Size

    200KB

  • MD5

    ab0b6ddb444f17a8a75c3a9f3d5f6dde

  • SHA1

    48976f802b67011c8507c092c758006a7301f4b1

  • SHA256

    df19ce9e782093c8eaa3980b75cb1749b92043022701ee59cbe403899ab7a32c

  • SHA512

    d950a6935f84adcea012627ba8bd5fb49c6d515afed59942a59bf42df8de6020942f02542ed0e84f499131f61d5dfaa789d5b922c67b026ee0b1318b705e48ca

  • SSDEEP

    3072:CxqZWXzaWAtdsw7xSeJZeDp9EhdnxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOK:wqZgw7xLJYEh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@x1ps0ff

C2

45.15.157.131:36457

Attributes
  • auth_value

    b28d2ee0ea17b7dd28ab2361f286e4a8

Signatures

Files

  • 4248-138-0x0000000000400000-0x0000000000432000-memory.dmp
    .exe windows x86

