Overview

overview

10

Static

static

10

1324-54-0x...ry.exe

windows7-x64

1324-54-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1324-54-0x00000000002F0000-0x0000000000316000-memory.dmp

  • Size

    152KB

  • MD5

    9ff1524abb08861c10730338a9a6489e

  • SHA1

    758b85022d8f0c114172bcc08911b19273157612

  • SHA256

    76bf4e3cf00e852f699098a54f8a88b7410ac522ccf5b356d2d22b6d1dd03adc

  • SHA512

    356fad4802934425c643ebfeb2744fc7098534c61a6e4ee5703646f6faf3042d74e1ddd63fcee4db46038dc1d02c785110fc12e3d1dfb7123ffce9dc72e5162f

  • SSDEEP

    1536:PatcnVHT1+/oXHZmy+fCGeK7jS8VuBm3hUjfSbV77mOmA7sYgibfbFDKsRR:StcZZRaKGeotu0QmB/+YgafJlR

Score
10/10
cloud yt teamredline

Malware Config

Extracted

Family

redline

Botnet

CLOUD YT TEAM

C2

176.123.9.85:16482

Attributes
  • auth_value

    a8d74ed165e7e003f2ebfae75f9a3bdd

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1324-54-0x00000000002F0000-0x0000000000316000-memory.dmp
    .exe windows x86


    Headers

    Sections