Overview

overview

10

Static

static

10

1996-54-0x...ry.exe

windows7-x64

1

1996-54-0x...ry.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1996-54-0x00000000001B0000-0x00000000001E0000-memory.dmp

  • Size

    192KB

  • Sample

    230612-leqnlsbg8z

  • MD5

    dfdf1eac9400d2da414cde7450490045

  • SHA1

    99816e3f0632bba7b384169ebe1bf8aad825420d

  • SHA256

    647704f63d6403e921b6cfc5c38a9376d9e48ba227795089386314ba7f65f774

  • SHA512

    e82199bdc0347f74543e9a6ac0116dd89becaf08de1360998b960ed0fc68a980a098db28cff79fad97f21cb76464e93939e120441cc919b85deb7bcb6ec15efe

  • SSDEEP

    3072:MKfN10T8hFnWmMJxN/GJvQf3xGPn78e8hN:ZNvWmMR1f3xGPn7

Score
10/10
redline@cloudcosmic (https://cloudcosmic.store)microsoftphishing

Malware Config

Extracted

Family

redline

Botnet

@CLOUDCOSMIC (https://cloudcosmic.store)

C2

157.254.164.98:28449

Attributes
  • auth_value

    34d166c21d3c623b65c1799fd54aa9f9

Targets

    • Target

      1996-54-0x00000000001B0000-0x00000000001E0000-memory.dmp

    • Size

      192KB

    • MD5

      dfdf1eac9400d2da414cde7450490045

    • SHA1

      99816e3f0632bba7b384169ebe1bf8aad825420d

    • SHA256

      647704f63d6403e921b6cfc5c38a9376d9e48ba227795089386314ba7f65f774

    • SHA512

      e82199bdc0347f74543e9a6ac0116dd89becaf08de1360998b960ed0fc68a980a098db28cff79fad97f21cb76464e93939e120441cc919b85deb7bcb6ec15efe

    • SSDEEP

      3072:MKfN10T8hFnWmMJxN/GJvQf3xGPn78e8hN:ZNvWmMR1f3xGPn7

    Score
    5/10
    microsoftphishing
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks