General

  • Target: 1996-54-0x00000000001B0000-0x00000000001E0000-memory.dmp
  • Size: 192KB
  • MD5: dfdf1eac9400d2da414cde7450490045
  • SHA1: 99816e3f0632bba7b384169ebe1bf8aad825420d
  • SHA256: 647704f63d6403e921b6cfc5c38a9376d9e48ba227795089386314ba7f65f774
  • SHA512: e82199bdc0347f74543e9a6ac0116dd89becaf08de1360998b960ed0fc68a980a098db28cff79fad97f21cb76464e93939e120441cc919b85deb7bcb6ec15efe
  • SSDEEP: 3072:MKfN10T8hFnWmMJxN/GJvQf3xGPn78e8hN:ZNvWmMR1f3xGPn7

Malware Config

Extracted

Family

redline

Botnet

@CLOUDCOSMIC (https://cloudcosmic.store)

C2

157.254.164.98:28449

Attributes

  • auth_value: 34d166c21d3c623b65c1799fd54aa9f9

Signatures

  • Redline family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • 1996-54-0x00000000001B0000-0x00000000001E0000-memory.dmp (.exe, windows, x86)