General

  • Target

    5484-458-0x0000000000B50000-0x0000000000B80000-memory.dmp

  • Size

    192KB

  • MD5

    4f1d8b489b0e4bd9e49828fe34db5765

  • SHA1

    59ba61ec0e2c354451775e4d87d1c1117f9150de

  • SHA256

    5456731ad8ab1227cc94de9da42a8bcb4cddea6b8057b002679c671680f625f0

  • SHA512

    59a9de9dc7e06bc672d4b8364b12639cf1e4c55193eeb4f36a3aa074445f85b91f2c7ff64a6d340b33c834dc801eeeb4b41abdc355094e774927cf63cf4010ed

  • SSDEEP

    3072:t1rfs5//I0bmCKugObCKR4eSwbD1J19cgrE0ML2Oam82Jq8e8hU:brk/I0bmzulrE0U2E82Q

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

176.123.4.46:33783

Attributes

  • auth_value

    295b226f1b63bcd55148625381b27b19

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5484-458-0x0000000000B50000-0x0000000000B80000-memory.dmp
    .exe windows:4 windows x86