General

  • Target

    2656-67-0x0000000000400000-0x000000000043E000-memory.dmp

  • Size

    248KB

  • MD5

    b51f506c21d2ccc54bcb40c7a0bf4819

  • SHA1

    d19980689bcf37c7ef3d8e9dbbbf596cf61a2438

  • SHA256

    7bce43fdc4f82064b0bff168a7374ee147c4c6b354ad7fe59b7c214476e67936

  • SHA512

    5cbcf3a4d05bda82776545341b1ff0a898154cb7a2c38b9547c9fb1f006857f6e50585737ce7a27fa4c9858bcfbfb607d03f74c8241625e20ad5ae06a7d19656

  • SSDEEP

    3072:OVXnPpnCniNgcpzE22NX2eSYht/qRuZ5EhBzEUlED6:2XPpCiNgcpI9NXPj/hZ5E/oUlED

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

51.255.152.132:36011

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
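As an added example (not part of this report, nor code from the sandbox that produced it): a small Python script that re-checks two of the findings above against a local copy of the dump. It recomputes the MD5/SHA1/SHA256/SHA512 digests listed under General, and it implements the "Unsigned PE" signature by parsing the PE optional header for the Certificate Table (security) data directory entry. The image the script builds when run without arguments is a constructed header-only sample for demonstration; the report's own dump is not embedded. One caveat worth keeping in mind for memory dumps: the directory entry lives in the mapped header, but the certificate blob it points to is addressed by file offset and is not loaded into the process, so on a dump the check can only say whether the original file carried a signature entry, not whether that signature was valid.

```python
import hashlib
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory slot of the Certificate Table


def hash_digests(data: bytes) -> dict:
    """Compute the same set of digests the report lists under General."""
    return {
        name: hashlib.new(name, data).hexdigest()
        for name in ("md5", "sha1", "sha256", "sha512")
    }


def authenticode_directory(data: bytes):
    """Return (file_offset, size) of the Certificate Table entry, or None if the
    entry is absent or zeroed. Raises ValueError if the buffer is not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no DOS header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    opt = e_lfanew + 4 + 20  # skip the signature and the 20-byte COFF file header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32
        nrva_off, dd_off = opt + 92, opt + 96
    elif magic == 0x20B:  # PE32+
        nrva_off, dd_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    nrva = struct.unpack_from("<I", data, nrva_off)[0]
    if nrva <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return None  # optional header too short to carry a security entry
    entry = dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    off, size = struct.unpack_from("<II", data, entry)
    if off == 0 and size == 0:
        return None
    # Unlike the other directories this value is a raw file offset, not an RVA,
    # so the certificate bytes are not mapped and will be missing from a process
    # memory dump even when the entry itself is non-zero.
    return off, size


def is_unsigned_pe(data: bytes) -> bool:
    """The 'Unsigned PE' signature: true when no Certificate Table entry exists."""
    return authenticode_directory(data) is None


def build_minimal_pe32(security_off: int = 0, security_size: int = 0) -> bytes:
    """Constructed sample image (header only, no code) used to exercise the check."""
    img = bytearray(0x40)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)                   # e_lfanew
    img += b"PE\0\0"
    # COFF header: i386, one section, PE32 optional header size, EXECUTABLE|32BIT
    img += struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                     # Magic = PE32
    struct.pack_into("<I", opt, 92, 16)                       # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     security_off, security_size)
    return bytes(img + opt)


if __name__ == "__main__":
    # Usage: python check_dump.py <path-to-dump>; without a path the constructed sample is used.
    path = sys.argv[1] if len(sys.argv) > 1 else None
    data = open(path, "rb").read() if path else build_minimal_pe32()
    for name, hexdigest in hash_digests(data).items():
        print(f"{name.upper():6} {hexdigest}")
    if is_unsigned_pe(data):
        print("Unsigned PE: no Certificate Table entry")
    else:
        print("Certificate Table entry present (not verified): %r" % (authenticode_directory(data),))
```

Run it against the dump named under Target and compare the printed digests with the values under General before trusting any further analysis of the file; the Unsigned PE line then reproduces the sandbox's signature on the dumped header.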

Files

  • 2656-67-0x0000000000400000-0x000000000043E000-memory.dmp
    .exe windows:4 windows x86
