General

  • Target

    5608-813-0x0000000000630000-0x000000000066E000-memory.dmp

  • Size

    248KB (0x3E000 = 253,952 bytes, exactly the length of the dumped range 0x630000-0x66E000)

  • MD5

    7555bc7d78693bf44b9a4e64292fb297

  • SHA1

    3b2afe9a7d54b887def48a751827d819dec1b40d

  • SHA256

    f00a8050883493e6a20a834e27a841b6aca8b4798b193cd594505ce91c71edfb

  • SHA512

    e1e275cca8be3171cc78630a2df67ace391147a29fad122e0a64bb1e1d27441815c2a8f8e9972dcd9f5a6b72cfc5c7f555d6e6bbb12bb6182ddb0dea823e050a

  • SSDEEP

    3072:yJctOPGO2n1NgcU6YW8qu7SHBFt/qLdVPMxX/jEIgcRB:8DPGv1NgcUVWCuHF/CXPMxXLEfc

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

176.123.4.46:33783
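The three extracted indicators above (C2 endpoint, botnet tag, dump hash) are what a responder sweeps for first. The script below is an added example, not part of the sandbox report or the RedLine sample: it checks constructed firewall-style log lines and byte buffers against those indicators. The log format, the sample lines and the buffers are assumptions made for the demonstration.

```python
"""IOC sweep for the RedLine configuration extracted in this report.

Added example, not part of the sandbox report. The log line format and the
sample data are constructed for the demonstration; the indicators are the
ones listed on the page.
"""
import hashlib
import re

# Indicators copied from the report.
C2_HOST = "176.123.4.46"
C2_PORT = 33783
BOTNET_TAG = "@ytlogsbot"
DUMP_SHA256 = "f00a8050883493e6a20a834e27a841b6aca8b4798b193cd594505ce91c71edfb"

# Constructed firewall-style log lines (assumed format, not from the report).
SAMPLE_LOGS = [
    "2024-05-01T10:00:01Z fw allow src=10.0.0.5:51234 dst=176.123.4.46:33783 proto=tcp",
    "2024-05-01T10:00:02Z fw allow src=10.0.0.5:51235 dst=93.184.216.34:443 proto=tcp",
    "2024-05-01T10:00:03Z fw allow src=10.0.0.7:51236 dst=176.123.4.46:443 proto=tcp",
]

_DST_RE = re.compile(r"dst=(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+)")


def find_c2_connections(lines):
    """Return (line, confidence) for every line whose destination touches the C2.

    host+port -> "high":   exact match on the extracted endpoint.
    host only -> "medium": same server, different port; still worth triage,
                           since only the IP is reused across rotated ports.
    """
    hits = []
    for line in lines:
        m = _DST_RE.search(line)
        if not m or m.group("ip") != C2_HOST:
            continue
        confidence = "high" if int(m.group("port")) == C2_PORT else "medium"
        hits.append((line, confidence))
    return hits


def find_botnet_tag(blob: bytes):
    """Report which encodings of the botnet tag occur in a byte buffer.

    RedLine is a .NET stealer, so its config strings sit in process memory as
    UTF-16LE; an ASCII hit usually comes from a config dump or a log instead.
    """
    found = []
    for name, needle in (("ascii", BOTNET_TAG.encode("ascii")),
                         ("utf-16-le", BOTNET_TAG.encode("utf-16-le"))):
        if needle in blob:
            found.append(name)
    return found


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of a buffer, the same digest the report lists."""
    return hashlib.sha256(data).hexdigest()


def matches_report_hash(data: bytes) -> bool:
    """True only if data is byte-identical to the dumped region in this report."""
    return sha256_hex(data) == DUMP_SHA256


if __name__ == "__main__":
    for line, confidence in find_c2_connections(SAMPLE_LOGS):
        print(confidence, line)
    # Constructed buffer standing in for a carved memory region.
    print(find_botnet_tag(b"\0\0" + BOTNET_TAG.encode("utf-16-le") + b"\0"))
```

The exact SHA-256 match is the weakest of the three checks for this kind of artefact: a region dumped from a different run of the same sample will differ in runtime data, so it will not hash-match even though it is the same payload. That is what the SSDEEP value in the report is for; the C2 endpoint and the botnet tag travel with the campaign and are the better pivots.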

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature. This finding carries no weight for a memory dump: the Attribute Certificate Table lives in the file overlay (the security data directory holds a raw file offset, not an RVA) and is never mapped into the process, so a PE carved from memory always looks unsigned, whether or not the file on disk was.
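What the "Unsigned PE" check actually inspects is the fifth data directory of the optional header. The code below is an added example, not the sandbox's own signature logic: it parses only the PE headers (no pefile dependency), reports whether a WIN_CERTIFICATE is present and reachable, and builds a minimal header-only PE32 in memory to exercise both the signed and the carved-from-memory case. The constructed images and the certificate payload are assumptions for the demonstration.

```python
"""Check a PE image for an Authenticode signature via its security directory.

Added example, not part of the sandbox report. Only the headers are parsed;
the sample images built by build_minimal_pe32() are constructed for the
demonstration and carry no real PKCS#7 data.
"""
import struct
from typing import Optional

IMAGE_DIRECTORY_ENTRY_SECURITY = 4       # index into the optional header's data directories
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # wCertificateType used by Authenticode


def security_directory(pe: bytes):
    """Return (file_offset, size) of the Attribute Certificate Table.

    Returns None when the buffer is not a PE. Unlike every other data
    directory, this entry's first field is a raw file offset, which is why a
    PE carved from process memory never has the certificate bytes behind it.
    """
    try:
        if pe[:2] != b"MZ":
            return None
        e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
        if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            return None
        opt = e_lfanew + 4 + 20                       # after PE signature + COFF header
        magic = struct.unpack_from("<H", pe, opt)[0]
        if magic == 0x10B:                            # PE32
            dirs = opt + 96
        elif magic == 0x20B:                          # PE32+
            dirs = opt + 112
        else:
            return None
        count = struct.unpack_from("<I", pe, dirs - 4)[0]   # NumberOfRvaAndSizes
        if count <= IMAGE_DIRECTORY_ENTRY_SECURITY:
            return (0, 0)
        return struct.unpack_from("<II", pe, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    except struct.error:
        return None


def has_authenticode(pe: bytes) -> bool:
    """True if the buffer carries a reachable WIN_CERTIFICATE of type PKCS_SIGNED_DATA.

    Presence is all this proves. Whether the signature verifies and chains to
    a trusted root is a separate step (signtool verify, Get-AuthenticodeSignature).
    """
    entry = security_directory(pe)
    if not entry or entry[1] < 8 or entry[0] + entry[1] > len(pe):
        return False                                  # absent, or points outside the buffer
    length, _revision, cert_type = struct.unpack_from("<IHH", pe, entry[0])
    return cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA and 8 <= length <= entry[1]


def build_minimal_pe32(cert_payload: Optional[bytes]) -> bytes:
    """Construct a header-only PE32 (i386, no sections) for testing.

    With a payload, a WIN_CERTIFICATE wrapping it is appended as an overlay
    and the security directory is pointed at it, the way signtool lays it out.
    """
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)               # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)  # i386, 0 sections, opt hdr 224
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                            # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                              # NumberOfRvaAndSizes
    header_len = len(dos) + 4 + len(coff) + len(opt)                 # 312 bytes
    overlay = b""
    if cert_payload is not None:
        body = cert_payload + b"\0" * (-len(cert_payload) % 8)       # table entries are 8-byte padded
        overlay = struct.pack("<IHH", 8 + len(body), 0x0200,
                              WIN_CERT_TYPE_PKCS_SIGNED_DATA) + body
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         header_len, len(overlay))
    return dos + b"PE\0\0" + coff + bytes(opt) + overlay


if __name__ == "__main__":
    signed = build_minimal_pe32(b"\x30\x82constructed-pkcs7-blob")
    print("on disk  :", security_directory(signed), has_authenticode(signed))
    # A memory dump keeps the headers but not the overlay: directory set, bytes gone.
    carved = signed[:312]
    print("from memory:", security_directory(carved), has_authenticode(carved))
```

The carved case is the one that matters for this report: the directory entry survives in the dump, the certificate bytes do not, so any tool that keys on "no usable certificate" will flag every memory-carved PE. Treat the sandbox's Unsigned PE hit on a memory.dmp as expected noise and check the signature on the dropped file or the original download instead.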

Files

  • 5608-813-0x0000000000630000-0x000000000066E000-memory.dmp
    .exe windows:4 windows x86

