General

  • Target

    1220-55-0x0000000000400000-0x000000000042E000-memory.dmp

  • Size

    184KB

  • MD5

    8b7fc0bf0fdd9f8577f54d1111cba023

  • SHA1

    40f9347d87123765ac3fcf9199bbc9573c78ec84

  • SHA256

    40fbf65b5e0c18daca638f4f623dc30aef16f42c34f5844a6a815128ff5b10b8

  • SHA512

    caf61daa62ce95f2fe93ca34d4423959cdb9e9b6afaa05c90072eb6f003a829883c548243989b092ed95710cb47a56a24f8555bd5803cd3bce67515aa934b1a4

  • SSDEEP

    1536:lFOgdKuoW9KqhVZCGW2s+PeV8WlE5wXvN7evTGqVEtWbumvlFhOzwPv84wYkk8eO:lFQuoITy8W+WiiqVE0NFMzwPvR8e8hb

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@CLOUDCOSMIC

C2

157.254.164.98:28449

Attributes

  • auth_value

    c8ced34a15f6ccc97625aee05a0d1951

Signatures

  • Redline family
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • 1220-55-0x0000000000400000-0x000000000042E000-memory.dmp
    .exe windows x86
