General

  • Target

    2528-53-0x00000000003D0000-0x0000000000400000-memory.dmp

  • Size

    192KB

  • MD5

    95693e2e5c6b645f8b7fa5dbd5b895b1

  • SHA1

    4274ee6717aed48a0b7a83699b260d402cafc67e

  • SHA256

    379d4b23175d36b6514c8711f9df7a640051c92a2bd24d514473b3a98eed804a

  • SHA512

    d76ade3214e54276d04232ceeaf4b952d2102fc00a524e8f525fc094145331fea9340c1c48fbbf90ed3732f282ef2cc436dac4be12e709b9016dd092705af93f

  • SSDEEP

    3072:WsnnY12UI0kl0E1OOWQ1rrE0+8MLdGSbMJD8e8hR:WsnJUI0kl0ENrE0qdGSbMJ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

CosmicLog$

C2

185.225.73.32:14387

Attributes
  • auth_value

    ac0f73120491f375e8704fe183735314

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2528-53-0x00000000003D0000-0x0000000000400000-memory.dmp
    .exe windows x86

