General

  • Target

    4068-579-0x00000000001D0000-0x00000000001EE000-memory.dmp

  • Size

    120KB

  • MD5

    ed553e2685a6c76df8793d697a3efbeb

  • SHA1

    2f533b9437dc511210cde72e256665d782c12dda

  • SHA256

    63db217446574603196488883770b72d30b7ad52797f25dea76c154ab47b3b0a

  • SHA512

    ad0dbe96aa32b565a5b6ffa84a3359bdc868fbc77a92e51a0d2664f94bb3fa8b7d7637062e7062966f998b4e68174a58719984e28eefd24d5d1e69c76ad72cf9

  • SSDEEP

    3072:h3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVXD:heGKDRAXb

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

6012068394_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4068-579-0x00000000001D0000-0x00000000001EE000-memory.dmp
    .exe windows:4 windows x86

