General

  • Target

    2448-387-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    b20918809a0a3f0471fd746029aaeb91

  • SHA1

    ce90b8d25a90dfabeb206f0fc6cbb2783508f73c

  • SHA256

    06e0183eed6bfe0b650f18153f7ef00728758a3dce485414f9922f9ae6c1bb63

  • SHA512

    6971c810665535da7c7066dc539f851e0998e516086f3653ba581cd5a267966a9feb45adda3362fb7ce284755b27361a4ad8c8f635768d42fdbe045078a36824

  • SSDEEP

    3072:bTrv7Zn47I0TCcc0O95bb2uME0eCbbX9Xp9buoJ58e8hg:jvS7I0TCccUuME0J9Xp9bDP

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

149.202.0.242:31728

Attributes

  • auth_value

    3a050df92d0cf082b2cdaf87863616be

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2448-387-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86
