General

  • Target

    2092-55-0x00000000002D0000-0x0000000000300000-memory.dmp

  • Size

    192KB

  • MD5

    5df4152cca20b51f24ae912a32006ca6

  • SHA1

    fdf3a17d845f3fa393d6ed0b52c90b30c9bab384

  • SHA256

    0f3083c39dcb1282e7787584d39704bc7cbe63b2d45a2be281f68d1d7e41fcb1

  • SHA512

    1cecbf2a09e08b98654eaef28c5cabd10ea9a1684fe31e40d44cad033b58c41b0a41f78c2f41ae18b565d192f0cf4666d29beb26790ed3000adbebb8019b9aa9

  • SSDEEP

    3072:1snnY12UI0kl0E1OOWQ1rrE0+8MLdGSbMJT8e8hR:1snJUI0kl0ENrE0qdGSbM5

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

CosmicLog$

C2

185.225.73.32:14387

Attributes
  • auth_value

    ac0f73120491f375e8704fe183735314

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2092-55-0x00000000002D0000-0x0000000000300000-memory.dmp
    .exe windows x86

