General

  • Target

    2372-1-0x0000000000460000-0x000000000049E000-memory.dmp

  • Size

    248KB

  • MD5

    18b08312ed5d37d06098192ca9794727

  • SHA1

    fb116a099af3bd875ac4252e9e81c93c63b08f70

  • SHA256

    fbce41aa2a3933c8d364ce3be5cc8c874ced24b6d154051cbd8427b13f185778

  • SHA512

    c4ac0a3b849663ab915de23395539ba569359ac6f29d95d44397df26174ca98e8e9ba268ec39c308e23121d3bd8bbbdd580eb35faeaa426ee7972208f3cb1c9c

  • SSDEEP

    3072:L+Foun/Ngc0LtkBaNqQDc1kwnkqt/q2Zf+5pRvcG61N:L+FF/Ngc0BkBawLOwkU/Pf+5z0G6

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@jewrrrw

C2

94.142.138.4:80

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2372-1-0x0000000000460000-0x000000000049E000-memory.dmp
    .exe windows:4 windows x86

