General

  • Target

    6104-483-0x0000000000420000-0x000000000045E000-memory.dmp

  • Size

    248KB

  • MD5

    4209a9c9d866dde535de7dc3be161c65

  • SHA1

    ac9043f84c594556f0c5b17d115c0f289471a3ce

  • SHA256

    22824e2c9781e807d14cfcc96e59ef23cd9bd2d3b7d0b6100192193ec9b0516e

  • SHA512

    2700a8fcfed8fc8819f6e7fb84b9300ac2c8af3da9bdddcca45c790611ead2048ae6ee825276c83d2afcc715b55586de62824a6673b9f568eea08fec55dfbde5

  • SSDEEP

    3072:jJctOPGO2n1NgcU6YW8qu7SHBFt/qLdVPMxX/jEIgcRm:dDPGv1NgcUVWCuHF/CXPMxXLEfc

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

176.123.4.46:33783

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 6104-483-0x0000000000420000-0x000000000045E000-memory.dmp
    .exe windows:4 windows x86

