Overview

overview

10

Static

static

10

5340-591-0...ry.exe

windows7-x64

5340-591-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    5340-591-0x0000000000D20000-0x0000000000D5E000-memory.dmp

  • Size

    248KB

  • MD5

    d7e25f097a6eea4619962a6458fad013

  • SHA1

    aafffdc16f9cbdb6d4899e809c85eba8b89b25b5

  • SHA256

    79409988e8802da687aabe3348bb3b24ebb90433b093184410c8b3ca1a90ffeb

  • SHA512

    f84e802fa04481c1fa4ee59b72847124603cb0fad1c62e39b279817f666fa145424c84e1c69a7ffbdc4522c7cbfbf149118e2a5e0c37aee5697d04de24f32917

  • SSDEEP

    3072:yFyOHrnNNgchKkRm8pyUDv8ZTYllt/q0ePfm/lpvSLaeG:yFyOLNNgch5k80UDGYp/mPfmdJSLa

Score
10/10
lutyrredline

Malware Config

Extracted

Family

redline

Botnet

lutyr

C2

77.91.124.55:19071

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5340-591-0x0000000000D20000-0x0000000000D5E000-memory.dmp
    .exe windows:4 windows x86


    Headers

    Sections