General

  • Target

    2980-24-0x0000000000220000-0x0000000000250000-memory.dmp

  • Size

    192KB

  • MD5

    6a7ee90c193ff10dcb19f4617d03dea0

  • SHA1

    9f1cb85e1cbdd2c91fad1514b9f483f0d43a1157

  • SHA256

    b3123b320ec0d98f7508034144af093831a536e352cb05a05fb216ee80fba427

  • SHA512

    9883025b469fae32edd27068ecf7801dcf931fd6157869563f0c9e5ea5d15da45a0ec3f75b76ff99db91d51aa9e6c778a414da6d8e58b4202737c2ee716671ff

  • SSDEEP

    3072:8wQwJp8A/xdimI06X7vV6OPEsUc/W0E0ilHPgM1JS8e8h3:8BzAmmI0k7vVe0E0YIM1k

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

lux3

C2

176.123.9.142:14845

Attributes
  • auth_value

    e94dff9a76da90d6b000642c4a52574b

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2980-24-0x0000000000220000-0x0000000000250000-memory.dmp
    .exe windows x86
