General

  • Target

    5204-567-0x0000000000550000-0x000000000058E000-memory.dmp

  • Size

    248KB

  • MD5

    b4a9b171d2d151d669d242e5a8405078

  • SHA1

    bb9bdaf00237b53668bf190b951a0b382b5f471f

  • SHA256

    b2e1db9614e1e3b0d823deca5fe2ca6a830aec1904f69623c790baf92c2fd12c

  • SHA512

    fdfa25eef935e390917fbf8dc0dfc78a95d8d2fa6b1b27cc5f6cbbd9218dafbbf39c1fd4a996b3eba82a4b839283c6293a67ce58e24ffc72e75a825590829999

  • SSDEEP

    3072:wJctOPGO2n1NgcU6YW8qu7SHBFt/qLdVPMxX/jEIgcR7:GDPGv1NgcUVWCuHF/CXPMxXLEfc

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

176.123.4.46:33783

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5204-567-0x0000000000550000-0x000000000058E000-memory.dmp
    .exe windows:4 windows x86

