General

  • Target

    2488-1393-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    2e90eda120b195934a7b5095b984de0a

  • SHA1

    ab804fa18b90396ec9d39c47cb0ccb5e7c69cc67

  • SHA256

    2ef1826a9af6add453306d04febe4e65d210bf2870a237c392bcc49fd289ad9d

  • SHA512

    d58bf7af0114ba004f8bcc603d51ffbc776970c44f44099cf1c8849dc6a61055274e1d6654d56ba9fd7923aa4586bf78eb6a154734e9b40a90f343eecf88345a

  • SSDEEP

    1536:WaOcnVHT1L/o7BrNH+fDaXDPE1/94mDv/shsjZLbV7h/tVvdbsYgibfbFDKsRP:TOcZZWAraXY1emYe3j1IYgafJlP

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

work4

C2

5.79.91.233:38435

Attributes
  • auth_value

    fdb0f2254cbce779c3f5e1c5be097f96

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2488-1393-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86

