General

  • Target

    2412-334-0x0000000000A90000-0x0000000000ACE000-memory.dmp

  • Size

    248KB

  • MD5

    ed2256c8b472ebfdc1602f4a42b5c692

  • SHA1

    2ef0bec720b65170c7ead3406058e8aafc6a0aaa

  • SHA256

    2046d431db18a6766040ae964471a85d918b232bd36443fc5241d1586303a0c0

  • SHA512

    dfc7925585d7db53bcb6fb71a4acf24c12219244ed96431c63f46569aefb4016c42b1b80b52fc73766c810426fff9f105c0db726fc1934f242467d0b7f8d6807

  • SSDEEP

    3072:k2PLqOze7nDNgcYde+t9P/Kt/qbe9aKC9GYYOtLDc:k0Lm7DNgc8vtO/D9aKC9V5tL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

clientfile

C2

194.180.49.159:80

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2412-334-0x0000000000A90000-0x0000000000ACE000-memory.dmp
    .exe windows:4 windows x86

