General

  • Target

    2036-56-0x0000000000400000-0x000000000042E000-memory.dmp

  • Size

    184KB (0x2E000 = 188,416 bytes, which matches the dumped region 0x400000-0x42E000)

  • MD5

    1fe5541387f2a80b2b0ac6de872d387f

  • SHA1

    8f98b2557ff16e016162b579738fec59390e502f

  • SHA256

    96bc86769218476d695ac8a37029ea6ba35f7e892153a973d0587c9b0cc45841

  • SHA512

    bf42441e2ce466c014c62797ac6e5ece73a7b80705e070c7e69a92098fbff95abca4b18018ab79f63ac9fd9619ef30c158fbaf7fc70b0df836fef838c098487c

  • SSDEEP

    1536:CnuqtqlVZRGWY49rn4OSRoSmWwfLTGqV8bufcOVGB+DLm283wYkZ8e8hv:CnTrqlJSnweqV0uVm+DLm2H8e8hv

Malware Config

Extracted

Family

redline

Botnet

@COSMICCLOUDADMIN

C2

157.254.164.98:28449

Attributes
  • auth_value

    0c9b7221bd50ac4f7beb692ba88b2c78

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
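
The "Unsigned PE" signature above reduces to a single PE header field: the Certificate Table data directory (index 4, IMAGE_DIRECTORY_ENTRY_SECURITY) is empty when no Authenticode signature was embedded. The script below is an added worked example, not part of the sandbox report or its tooling; it reproduces that check over a raw PE image. The function names (security_directory, is_unsigned, build_minimal_pe32) are mine, and build_minimal_pe32 constructs a synthetic PE32 header purely so the check can be demonstrated offline.

```python
"""Flag a PE image that carries no Authenticode signature.

Added example: walks the DOS header -> PE signature -> optional header ->
data directories and reports the Certificate Table entry. It deliberately
uses only struct so it runs without pefile.
"""
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4      # Certificate Table slot
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B


def security_directory(pe: bytes):
    """Return (offset, size) of the Certificate Table entry.

    Raises ValueError when the buffer is not a parseable PE. Note that the
    first field is a raw file offset, not an RVA: in a memory dump such as a
    0x400000-0x42E000 region the certificate bytes are not mapped, so only
    the header entry can be inspected, not the signature itself.
    """
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE\\0\\0 signature")
    coff = e_lfanew + 4                                  # COFF file header (20 bytes)
    size_opt = struct.unpack_from("<H", pe, coff + 16)[0]  # SizeOfOptionalHeader
    opt = coff + 20                                      # optional header start
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == PE32_MAGIC:
        num_rva_off, dirs_off = opt + 92, opt + 96
    elif magic == PE32PLUS_MAGIC:
        num_rva_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic %#x" % magic)
    num_rva = struct.unpack_from("<I", pe, num_rva_off)[0]
    if num_rva <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return (0, 0)                                    # directory not present at all
    entry = dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if entry + 8 > opt + size_opt or entry + 8 > len(pe):
        raise ValueError("optional header truncated")
    return struct.unpack_from("<II", pe, entry)


def is_unsigned(pe: bytes) -> bool:
    """True when the Certificate Table has zero size, i.e. no Authenticode blob."""
    _offset, size = security_directory(pe)
    return size == 0


def build_minimal_pe32(cert_offset: int = 0, cert_size: int = 0) -> bytes:
    """Constructed test input: a bare PE32 header (no sections) with a chosen
    Certificate Table entry. Not a real sample."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)             # e_lfanew -> right after DOS header
    opt = bytearray(0xE0)                                # PE32 optional header is 224 bytes
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)                  # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     cert_offset, cert_size)
    # Machine=i386, 0 sections, no symbols, SizeOfOptionalHeader, EXECUTABLE|32BIT
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, len(opt), 0x0102)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    # Usage: python unsigned_pe.py <dump-or-exe>; with no argument, run the
    # constructed header through the check.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe32()
    off, size = security_directory(data)
    print("Certificate Table: offset=%#x size=%#x -> %s"
          % (off, size, "UNSIGNED" if size == 0 else "signature present"))
```

An empty Certificate Table is exactly what this signature fires on, and nothing more: it is weak evidence by itself, since much legitimate software ships unsigned and a non-empty entry says nothing about whether the signature would verify. Run against a disk image, a non-zero entry can be followed up with a real Authenticode verification; run against a memory dump like this one, the check stops at the header.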

Files

  • 2036-56-0x0000000000400000-0x000000000042E000-memory.dmp
    PE executable (.exe), Windows, x86 (32-bit)
