General

  • Target: 2872-68-0x0000000000400000-0x000000000043E000-memory.dmp
  • Size: 248KB
  • MD5: 174dc34270c8234fec3344d503bf5392
  • SHA1: 3a3e7cb7169cfdba0d6e27887ebc81125d298938
  • SHA256: 7b48fd535c33ad3ba6b4a5138269d9d4009ffcfed258d7bcb8990e5c6455970b
  • SHA512: a6d66bad89097bd5c2cfa596596912b1fc78a283b9fd61b9912083f1a27ba17f9dc15556afe815b35df61cc885ee5c70d1dab76bb716389e047cc01112312967
  • SSDEEP: 3072:OVXnPpnCniNgcpzE22NX2eSYht/qRuZ5EhBzEUlED6L:2XPpCiNgcpI9NXPj/hZ5E/oUlED

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (TG: @logsdillabot)
  • C2: 51.255.152.132:36011

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2872-68-0x0000000000400000-0x000000000043E000-memory.dmp
    Type: .exe windows:4 windows x86