General

  • Target

    624-40-0x0000000000400000-0x000000000043E000-memory.dmp

  • Size

    248KB

  • MD5

    9cab75b36f7c5041a7ba3f222f8e805f

  • SHA1

    5151c5baa380f401f790a3af4b1f92888536a335

  • SHA256

    cf642a530bae599c15ac4f52872b8b5b474a6e8613c98a5eb40ed5d35ebcfb12

  • SHA512

    05338f689fab5b79ac155325b3f3ab944b9e6b91f0bef11c4449b1fc2e61694c15e30c766576377b65fb442d8f6cc0c5f7f3f921c96f317bf67bd455e87e2a3c

  • SSDEEP

    3072:IgLOgbb7G9n1NgcqeGCdfmoOaMt/qwLSlJIeGYOS:Imhb7w1NgcqjCdO5/bSlJf5

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

jordan

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 624-40-0x0000000000400000-0x000000000043E000-memory.dmp
    .exe windows:4 windows x86