General

  • Target

    5260-266-0x0000000004DA0000-0x0000000004DD0000-memory.dmp

  • Size

    192KB

  • MD5

    dc2dfb069038ee6425f8cdd281ed4e8c

  • SHA1

    9faafd1b215324d3daed413477852ee0dcd3ea57

  • SHA256

    2c543788ed2ff619d5e613daec5959bd3a781bc77595caf014acac261102ed35

  • SHA512

    9f90c3ee863207f75686ca72f797e31886af9de4a8ced6bcf4fbdc125f07659b976dc4c22c750b221f9f51f69daace1fb7d723fd61a3c7540798153afdde4716

  • SSDEEP

    3072:G1rfs5//I0bmCKugObCKR4eSwbD1J19cgrE0ML2Oam82JH8e8hU:Erk/I0bmzulrE0U2E82p

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

176.123.4.46:33783

Attributes
  • auth_value

    295b226f1b63bcd55148625381b27b19

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5260-266-0x0000000004DA0000-0x0000000004DD0000-memory.dmp
    .exe windows:4 windows x86

    Headers

    Sections