General

  • Target

    6120-423-0x0000000000FA0000-0x0000000000FDE000-memory.dmp

  • Size

    248KB

  • MD5

    76edfa9d4a827074fc76bf01b61b3856

  • SHA1

    4c6b4834caa0ab4000500930f9f7d579cbb6b01e

  • SHA256

    9a4a2a1e1563c1e46d7cc8b8c86c1516bd0227505faa7bcc0e9ee42093d961bc

  • SHA512

    0ce84a34c5395c974bf6434fea69284fe3524424b6bf2a9b82ea797852d9514e19c693cbac43fa06336eba6928d87e3d15f192e13d03602bb240dc2fbc8461c9

  • SSDEEP

    3072:7JctOPGO2n1NgcU6YW8qu7SHBFt/qLdVPMxX/jEIgcRe:lDPGv1NgcUVWCuHF/CXPMxXLEfc

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

176.123.4.46:33783

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6120-423-0x0000000000FA0000-0x0000000000FDE000-memory.dmp
    .exe windows:4 windows x86
    Headers

    Sections