General

  • Target

    2756-269-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    d2e8371ed274bf94cb6a05cda4d8dd28

  • SHA1

    0e32d9544fd86762fd3b261e1455665c34535211

  • SHA256

    a6070f594d0724f66e5a7a0e70e70cff13a42b64c9567cab0dd7c3538d4d167f

  • SHA512

    7b7b10f4c1f91e9abcc80ec2f93ab01a2aeb41c0e9b73012c8ab0705f5f2e49a033fa2c04f8423b0b11da32bd07d8bbf062b26e78f42b91580378e1e288421b6

  • SSDEEP

    3072:oquGfLLwk3Zy+8DpZqVGc6IKkxDoftBqEp8e8hy:opGfLLwkp/MZUKkxDoftBqEp

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

birg

C2

185.161.248.66:81

Attributes
  • auth_value

    c5f3b490b0b2bb891396c313bb4d278e

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2756-269-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86