General

  • Target

    5936-479-0x0000000001190000-0x00000000011CE000-memory.dmp

  • Size

    248KB

  • MD5

    971f8b85a50b878c5cc95161532ea946

  • SHA1

    bb804299c6eaee0c3f5ced6ddb590621dcef2752

  • SHA256

    04d5a5b1623ffc51a9edf0f4dd10e65720015bef2b4a5d15f90a396999cfd39d

  • SHA512

    d9c0c4c980e0bfcaba315dd6a13e8566691fbb18224d3abb9800620eb67a2c253256042bc3733732e47a00051ee766360f524dea2411025909ba73bd7bbf3ccb

  • SSDEEP

    3072:jJctOPGO2n1NgcU6YW8qu7SHBFt/qLdVPMxX/jEIgcRG:dDPGv1NgcUVWCuHF/CXPMxXLEfc

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

176.123.4.46:33783

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5936-479-0x0000000001190000-0x00000000011CE000-memory.dmp
    .exe windows:4 windows x86
