General

  • Target

    2660-270-0x00000000002B0000-0x00000000002EE000-memory.dmp

  • Size

    248KB

  • MD5

    c8937e0636570291e040e8816ba11f3f

  • SHA1

    fe21a4684e315c0d912d1617f9b6473cdabf1d01

  • SHA256

    f5d63c3615b0e4fafde2825c39c70b2fc0e630544b6b961787fb78f4bb6e8698

  • SHA512

    ebd94c0b5d5f19c77a2676b7a1ff0bf75fb7fb69060e4525dc264d19fdd93bb325ca2c22f013a43d9f6b270ab1a5de1f384aad2ce375ec47984564764ce620cb

  • SSDEEP

    3072:C2PLqOze7nDNgcYde+t9P/Kt/qbe9aKC9GYYOtLDO:C0Lm7DNgc8vtO/D9aKC9V5tL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

clientfile

C2

194.180.49.159:80

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2660-270-0x00000000002B0000-0x00000000002EE000-memory.dmp
    .exe windows:4 windows x86

