General

  • Target

    1936-56-0x0000000000400000-0x000000000042E000-memory.dmp

  • Size

    184KB

  • MD5

    86c3a162f9fa6152f2b649d03fabd4d4

  • SHA1

    19940620acd3067c410669509c5d8208675f3248

  • SHA256

    6421f4b5b385099d5f6b5e2191164ae348c16d1a2f4e29aca03c2175c4ebee3f

  • SHA512

    1e464507c957bdc887a3f2dacf8d84e58c47323e43bdf9d360d6d308901d9e453e97f2975322cc6f9595a0e446bb656607b356fc150038b2aaec8b6eb59b5a75

  • SSDEEP

    1536:IAL6qhVZCGWYaQjP/JU8WG4i6gTfA11NlRvTTGqVQlWbu2qlxTeB+84wYkE8e8hS:IwhA8WGZbumqVQMslBeB+R8e8hS

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@cloudcosmic

C2

157.254.164.98:28449

Attributes
  • auth_value

    2a96f95378fa2dbe8eb36b119e8fc025

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1936-56-0x0000000000400000-0x000000000042E000-memory.dmp
    .exe windows x86
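Two pieces of this report can be reproduced offline. First, the dump name encodes the process and the mapped region: 0x42E000 - 0x400000 = 0x2E000 bytes, which is exactly the 184KB reported under Size. Second, the "Unsigned PE" signature is a header check: a PE carries an Authenticode signature only if the IMAGE_DIRECTORY_ENTRY_SECURITY data directory (index 4) has a non-zero size. The script below is an added example, not code from the sandbox that produced this report. It assumes the dump-name layout `<pid>-<n>-0x<start>-0x<end>-memory.dmp` (the meaning of the second field is not stated on the page and is left opaque), and it builds a constructed, headers-only PE32 image to exercise the check; the real dump is not embedded.

```python
import re
import struct

# Assumed layout of the sandbox dump file name, derived from the target name in
# this report. The second numeric field is kept as an opaque sequence number.
DUMP_NAME_RE = re.compile(
    r"^(?P<pid>\d+)-(?P<seq>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # index of the certificate table directory


def parse_dump_name(name: str) -> dict:
    """Split a process-memory dump name into PID, region bounds and region size."""
    m = DUMP_NAME_RE.match(name)
    if not m:
        raise ValueError(f"not a memory dump name: {name!r}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError("region end must be above region start")
    return {"pid": int(m["pid"]), "seq": int(m["seq"]),
            "start": start, "end": end, "size": end - start}


def authenticode_directory(image: bytes) -> tuple[int, int]:
    """Return (offset, size) of the Security data directory, or (0, 0) if absent.

    Note for dumped regions: the certificate table is addressed by *file* offset
    and is not mapped into memory, so from a dump only the directory entry can
    be inspected, not the certificate blob itself.
    """
    if image[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (size_of_optional,) = struct.unpack_from("<H", image, coff + 16)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic == 0x10B:        # PE32: data directories start at optional header + 96
        dd_base = opt + 96
    elif magic == 0x20B:      # PE32+: data directories start at optional header + 112
        dd_base = opt + 112
    else:
        raise ValueError(f"unknown optional header magic 0x{magic:x}")
    (num_dirs,) = struct.unpack_from("<I", image, dd_base - 4)  # NumberOfRvaAndSizes
    entry = dd_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + size_of_optional:
        return (0, 0)
    return struct.unpack_from("<II", image, entry)


def is_unsigned_pe(image: bytes) -> bool:
    """True when the PE has no Authenticode certificate table (the report's IoC)."""
    _offset, size = authenticode_directory(image)
    return size == 0


def build_pe32_header(security_offset: int, security_size: int) -> bytes:
    """Constructed, headers-only PE32 image (no sections) used to test the check."""
    e_lfanew = 0x80
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    # COFF header: Machine=i386, 0 sections, SizeOfOptionalHeader=224, EXE|32-bit
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                     # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                       # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     security_offset, security_size)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    info = parse_dump_name("1936-56-0x0000000000400000-0x000000000042E000-memory.dmp")
    print(f"pid={info['pid']} region=0x{info['start']:X}-0x{info['end']:X} "
          f"size={info['size']} bytes ({info['size'] // 1024}KB)")
    print("unsigned:", is_unsigned_pe(build_pe32_header(0, 0)))
    print("unsigned:", is_unsigned_pe(build_pe32_header(0x3000, 0x1234)))
```

To apply it to the real artifact, read the `.dmp` file and pass its bytes to `is_unsigned_pe`; if the dumped region has had its PE header stomped, the `ValueError` is the signal that the header check cannot be trusted and the dump needs manual inspection.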