General

  • Target

    1388-150-0x0000000000400000-0x0000000000432000-memory.dmp

  • Size

    200KB

  • MD5

    94dfd8183ddaf70d3b11cd61f4609339

  • SHA1

    61e49d18a4992b8e6780d54498bdd512e6ab578c

  • SHA256

    b920552a1a36ad6d9c1a579d46417051d8efa90bb9ed3cd21ceed1cfcc372e6a

  • SHA512

    1fe675cecaf6d869b50960878c75f4abaa2a55682c54fd76d61b1243c2fd39a7461c7f940367c13ad8033e128a3d23a75aab0b3d9c9b1dc8bde91b1a9e3f2599

  • SSDEEP

    1536:+uBGlTP+mZP61CEYDmRSxcg4sWVlHx14P6OuQggtoQQGPbuoSImSJy0wuei/lv+6:YV+m5ctQmRSxGOSHRR1GELSshSZXD

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@crluu7

C2

167.235.158.92:45741

Attributes
  • auth_value

    7edd58fa8647e5797eab93a58f7cdd82

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1388-150-0x0000000000400000-0x0000000000432000-memory.dmp
    .exe windows x86
