General

  • Target

    3420-170-0x0000000002060000-0x0000000002090000-memory.dmp

  • Size

    192KB

  • MD5

    efc856b797ed094d1d8ab89f01812efb

  • SHA1

    368edbb4dc05bf3bb25541c9809a826538bbce66

  • SHA256

    26e26ee88b4e6abe1acd8634732bd473df1e0fb763b4517ae0dc06b08089138d

  • SHA512

    6bb6544462c629b4d2aadb0ed5b4c09366d79329ee1122a5016376daea82851b76955d6ad7fd78e9d6884544ae12474484b447b9375ebd0f9989768560276395

  • SSDEEP

    3072:udHcZK4HwFpvDpxNzC600GJ/UaNYU8e8hs:YcAFhRd0lUaNYU

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

crypton

C2

45.15.156.21:15863

Attributes
  • auth_value

    c4c07ffa32fc3a62e26c420de8fe6313

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3420-170-0x0000000002060000-0x0000000002090000-memory.dmp
    .exe windows x86

