General

  • Target

    1264-178-0x0000000000020000-0x000000000003E000-memory.dmp

  • Size

    120KB

  • MD5

    e631ff809ef14ea2d5001b120fb7061b

  • SHA1

    4d60198604cfb7e0f3fda125eeeb437a9f696cdb

  • SHA256

    9f3fd3943a3db1fe890dad8840b832031d9bb313c4c68c8f052a7b4b553e231e

  • SHA512

    039e50a501c9cf35e8f966c7090ce3ccb2e401ce2a4a16d65562dae45ac4a2328f197c71089f2f21430939f0ffac7b7ff9ebd7685499cb3ef35a1ccfaa5c1a60

  • SSDEEP

    3072:23HcjBPe7NerE+CrFkDSuOkZDcXiqEqVX6:2eGKDRAXb

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

6012068394_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1264-178-0x0000000000020000-0x000000000003E000-memory.dmp
    .exe windows:4 windows x86

