General

  • Target

    2604-384-0x0000000001310000-0x000000000134E000-memory.dmp

  • Size

    248KB

  • MD5

    c086d801b306ff730c0188fc23654de5

  • SHA1

    cceda32ca10cffd2acb24bbe3442975970184410

  • SHA256

    cc2d6e3eed05f1127b53f12da4847007f313d7f7c4c5a6131ea2b319ef144565

  • SHA512

    e289bcd5cd46f23e9d5bae1d2774802ac2373e86951ffe5ed47d1525b5b322bcf466c684b3ed6c78f4210863b351bcec1c30a42c79385653aac2ba6ae3e7fbff

  • SSDEEP

    3072:S2PLqOze7nDNgcYde+t9P/Kt/qbe9aKC9GYYOtLDp:S0Lm7DNgc8vtO/D9aKC9V5tL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

clientfile

C2

194.180.49.159:80

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2604-384-0x0000000001310000-0x000000000134E000-memory.dmp
    .exe windows:4 windows x86

