General

  • Target

    1976-373-0x0000000001370000-0x00000000013AE000-memory.dmp

  • Size

    248KB

  • MD5

    c67f77d2ca9d316aacbd153ebc1f773f

  • SHA1

    6f2ef0c3112edeec9dfa4f3c330cfbbace29aef6

  • SHA256

    c616d17d5cde0b909ac2c6cdd1ac5c52872e841f464eeda91621410aacd0adff

  • SHA512

    9d2cfc9e20ac0359c7624e0dfc834ce0e307564f51247fb86bc484a764f65146570271fab54dd73aa661650082b7c98ff689b6165000efb2515a2dfa4b47e2c5

  • SSDEEP

    3072:S2PLqOze7nDNgcYde+t9P/Kt/qbe9aKC9GYYOtLDn:S0Lm7DNgc8vtO/D9aKC9V5tL

Score

10/10

Malware Config

Extracted

Family

redline

Botnet

clientfile

C2

194.180.49.159:80

Signatures

  • RedLine payload 1 IoC
  • RedLine family
  • Unsigned PE 1 IoC

    Checks for missing Authenticode signature.

Files

  • 1976-373-0x0000000001370000-0x00000000013AE000-memory.dmp
    .exe windows:4 windows x86