General

  • Target

    1440-62-0x0000000002170000-0x0000000002198000-memory.dmp

  • Size

    160KB

  • MD5

    0301f69349bf5bbc07bb98ac7efcca1f

  • SHA1

    cb55631f225682daacb554dd71fc4783465a889f

  • SHA256

    97cc51db80911bf08341e4720ef524fcdf46c19d5a3aa0d3853ca75c4bf1c72c

  • SHA512

    ff9e4b690cba038e7329592f63f3d9c63757a8309746812b8ed8e17e97dc12b41df14d514eac959fa87b62b380dee386a867d4da4497f588376d529dd4157ed6

  • SSDEEP

    1536:Ofq+tN6Xa15rtpDyBvLY+L5+bYvs6Kw69ksYgibfbFDKsRn:On8wqjlLYzl3YgafJln

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@Germany

C2

194.26.135.162:2920

Attributes

  • auth_value

    9d15d78194367a949e54a07d6ce02c62

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1440-62-0x0000000002170000-0x0000000002198000-memory.dmp
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744