General

  • Target

    5652-655-0x00000000001C0000-0x00000000001DE000-memory.dmp

  • Size

    120KB

  • MD5

    86c7efbda7d4e96748c72e91578f923a

  • SHA1

    6420455e49035be4f0e4a5e0e0bf09672ffeb2c1

  • SHA256

    20697824fe36951b7ff091b0e5b74869a8061240963742e6aeb408951b8a6243

  • SHA512

    83b89dbc0f0dac450f74bd37e6abbf0fd78cffaf3bc407a98aa1ce15d02ccb0e196e383c2b14eaeefb0673958e98595eac73329d6fac6f7dac2aae66995f9314

  • SSDEEP

    3072:I3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVXI:IeGKDRAXb

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

6012068394_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5652-655-0x00000000001C0000-0x00000000001DE000-memory.dmp
    .exe windows:4 windows x86

