General

  • Target

    6052-471-0x0000000000390000-0x00000000003CE000-memory.dmp

  • Size

    248KB

  • MD5

    ac4e6959677d2605d2d8ddac332c86b5

  • SHA1

    bbfc0b8c0b094463a7cdbea721e0fc4336f64096

  • SHA256

    ba4afd370e2ffd72151cad06330c33eee5bafc19d68efdfad0c7966f9c1224f8

  • SHA512

    d385afcdb957c794073d3c39793685703debf8bd43c9f43aebe3104793c933d337ff643b758efe6abe076dd8cdb9d954cb31c3c5788410e560371245a0e535c0

  • SSDEEP

    3072:UJctOPGO2n1NgcU6YW8qu7SHBFt/qLdVPMxX/jEIgcRP:SDPGv1NgcUVWCuHF/CXPMxXLEfc

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

176.123.4.46:33783

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6052-471-0x0000000000390000-0x00000000003CE000-memory.dmp
    .exe windows:4 windows x86
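
The "Unsigned PE" signature above and the ".exe windows:4 windows x86" file tag both come from the same few header fields, so the following script is added here (it is not the sandbox's own code) to show how they are derived and to let the report's hashes be rechecked offline with only the Python standard library. It parses the DOS/COFF/optional headers, reads the Certificate Table (Authenticode) data-directory entry, and recomputes MD5/SHA1/SHA256. The input is a constructed header-only PE32 fixture, optionally with a dummy WIN_CERTIFICATE appended, so it runs without the sample; the mapping of "windows:4" to the MajorOperatingSystemVersion field is an assumption, since the report does not say which field it reads.

```python
"""Offline PE triage in pure Python (standard library only).

Added example for this report, not the sandbox's own code. It recomputes the
hashes listed under General, reads the header fields behind the ".exe ... x86"
file tag, and implements the "Unsigned PE" check: is there a Certificate Table
(Authenticode) entry in the optional header's data directory?
"""
import hashlib
import struct

IMAGE_DOS_SIGNATURE = b"MZ"
IMAGE_NT_SIGNATURE = b"PE\0\0"
IMAGE_DIRECTORY_ENTRY_SECURITY = 4      # Certificate Table slot (Authenticode)
IMAGE_FILE_DLL = 0x2000                 # COFF Characteristics flag
MACHINE_NAMES = {0x014C: "x86", 0x8664: "x64", 0x01C4: "armv7", 0xAA64: "arm64"}


def file_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 hex digests, the same set the General section lists."""
    return {n: hashlib.new(n, data).hexdigest() for n in ("md5", "sha1", "sha256")}


def parse_pe(data: bytes) -> dict:
    """Extract architecture, version fields and Authenticode presence from a PE.

    Raises ValueError if the DOS/NT headers are missing or malformed.
    """
    if len(data) < 0x40 or data[:2] != IMAGE_DOS_SIGNATURE:
        raise ValueError("no MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != IMAGE_NT_SIGNATURE:
        raise ValueError("no PE signature at e_lfanew")
    coff = e_lfanew + 4
    machine, _nsec, _ts, _psym, _nsym, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:            # PE32: NumberOfRvaAndSizes @92, DataDirectory @96
        ndirs_off, dirs_off = 92, 96
    elif magic == 0x20B:          # PE32+: NumberOfRvaAndSizes @108, DataDirectory @112
        ndirs_off, dirs_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%04x" % magic)
    (major_os,) = struct.unpack_from("<H", data, opt + 40)   # MajorOperatingSystemVersion
    (subsystem,) = struct.unpack_from("<H", data, opt + 68)  # Subsystem
    (ndirs,) = struct.unpack_from("<I", data, opt + ndirs_off)
    cert_off = cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY and opt_size >= dirs_off + 8 * (IMAGE_DIRECTORY_ENTRY_SECURITY + 1):
        cert_off, cert_size = struct.unpack_from(
            "<II", data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    # The Certificate Table entry holds a raw file offset (not an RVA) into the
    # overlay. A non-zero size that fits inside the buffer means a WIN_CERTIFICATE
    # blob is attached. Presence is not validity: whether the PKCS#7 signature
    # verifies and chains to a trusted root is a separate check.
    present = cert_size != 0 and cert_off + cert_size <= len(data)
    return {
        "machine": MACHINE_NAMES.get(machine, "0x%04x" % machine),
        "is_dll": bool(chars & IMAGE_FILE_DLL),
        "major_os_version": major_os,
        "subsystem": subsystem,
        "authenticode_present": present,
    }


def file_tag(info: dict) -> str:
    """Reconstruct a tag like the report's ".exe windows:4 windows x86".

    Assumption (not stated by the report): the number after "windows:" is the
    optional header's MajorOperatingSystemVersion.
    """
    ext = ".dll" if info["is_dll"] else ".exe"
    return "%s windows:%d windows %s" % (ext, info["major_os_version"], info["machine"])


def build_minimal_pe(signed: bool) -> bytes:
    """Constructed test input: a PE32 header with no sections, optionally followed
    by a dummy WIN_CERTIFICATE referenced from the Certificate Table. It is a
    header-only fixture for the parser, not a loadable executable."""
    dos = bytearray(0x40)
    dos[:2] = IMAGE_DOS_SIGNATURE
    struct.pack_into("<I", dos, 0x3C, 0x40)              # e_lfanew
    opt = bytearray(224)                                 # PE32 optional header size
    struct.pack_into("<H", opt, 0, 0x10B)                # Magic = PE32
    struct.pack_into("<H", opt, 40, 4)                   # MajorOperatingSystemVersion = 4
    struct.pack_into("<H", opt, 68, 2)                   # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<I", opt, 92, 16)                  # NumberOfRvaAndSizes
    coff = struct.pack("<HHIIIHH", 0x014C, 0, 0, 0, 0, len(opt), 0x0102)  # i386, EXE
    header_len = len(dos) + len(IMAGE_NT_SIGNATURE) + len(coff) + len(opt)
    cert = b""
    if signed:
        # WIN_CERTIFICATE: dwLength, wRevision=0x0200, wCertificateType=0x0002 (PKCS#7)
        blob = b"\x30\x00"                               # stand-in for SignedData, not a real signature
        cert = struct.pack("<IHH", 8 + len(blob), 0x0200, 0x0002) + blob
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, header_len, len(cert))
    return bytes(dos) + IMAGE_NT_SIGNATURE + coff + bytes(opt) + cert


def triage(data: bytes) -> dict:
    """Hashes, header facts and file tag in one dict, for a quick look at a sample."""
    info = parse_pe(data)
    return {**file_hashes(data), **info, "tag": file_tag(info), "size": len(data)}


if __name__ == "__main__":
    for label, image in (("unsigned", build_minimal_pe(False)), ("signed", build_minimal_pe(True))):
        print(label, triage(image))
```

One caveat matters for this report in particular: the certificate table lives in the file overlay and is never mapped into the process, so a region dumped from memory, which is what the target here is, will not carry a signature even if the on-disk dropper was signed. The bounds check in parse_pe reports "not present" when the table is absent or points past the end of the buffer, which is the expected result for a memory dump and is why "Unsigned PE" on such a target is weak evidence on its own.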