General

  • Target

    6260-522-0x0000000000400000-0x000000000043E000-memory.dmp

  • Size

    192KB

  • MD5

    9baa422d1ab914b7c96fa9610a613fa4

  • SHA1

    a89f35673bae35b8a0bea30b4457df88d5c9f1c4

  • SHA256

    3dce8c8d5f882f82128b017169aedd137dbe2681ed39abd65f7696e7e43a1839

  • SHA512

    61e3053d0fc4f7d01a1012eb463cde71fd544cd76c6775e6d01464c0c80d5127d82ce0d69ad156e9e2ce6a9b540cbe45aa0c8e9f4205c70f961557c121be7705

  • SSDEEP

    3072:VJctOPGO2n1NgcU6YW8qu7SHBFt/qLdVPMxX/jEIgcR:7DPGv1NgcUVWCuHF/CXPMxXLEfc

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

176.123.4.46:33783

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 6260-522-0x0000000000400000-0x000000000043E000-memory.dmp
    .exe windows:4 windows x86

