General

  • Target

    2604-54-0x00000000002D0000-0x0000000000300000-memory.dmp

  • Size

    192KB

  • MD5

    780caf485ae8e239a056c6b010ef2e79

  • SHA1

    e4c53bc1504e7ea87d954a8976cd0bbc0bc66801

  • SHA256

    ec720c57ba2585ac8ec2fea8db18b8f18b7b92bb18f58e2edba9da25677696fc

  • SHA512

    5beb3e129e3dbcf5e165065468b8888ed83c76f8f3caee32b9d91dc8db7c869cdcd75178acd39224b3bf86e886149f5b563ae67586c5be66eddcea6a26b34c6f

  • SSDEEP

    3072:dRx7sW+tF7V96WL8/OWxNJ8wN9KEWnn8e8hu:dvQp90/OAmEWnn

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

ebat

C2

45.15.156.21:15863

Attributes
  • auth_value

    19bc307413ddb45267b90267d5b9c775

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2604-54-0x00000000002D0000-0x0000000000300000-memory.dmp
    .exe windows x86

