General

  • Target: 1492-217-0x0000000000080000-0x00000000000BE000-memory.dmp
  • Size: 248KB
  • MD5: 310aec85835417af6b6e8cf22bb1ab7f
  • SHA1: f8f29b77fd397287a03faffaf517258d50b1ca21
  • SHA256: ecd39ad7ee50671f2e6abff60eb785b68b69fa12f0e3204b902255c8531459af
  • SHA512: fd1f24634fceb5043c2a82cc09bb5d5ef7698f0df627d656bb218681168f896fc94a507b02f4e7765c83900697e9c6c158c2d2f43ce58e0651a13ba0b416a255
  • SSDEEP: 3072:cEjJpWunbNgcc+fw1nRKlnwT84Zhct/qR8NbtS6Gbmhmad4:cGTWubNgcc+I1nRKlwTQ/PNbtS7Khma

Score
10/10

Malware Config

Extracted

  • Family: redline
  • Botnet: @ytlogsbot
  • C2: 185.216.70.238:37515

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1492-217-0x0000000000080000-0x00000000000BE000-memory.dmp
    .exe windows:4 windows x86