General

  • Target

    0x0006000000016070-50.dat

  • Size

    221KB

  • MD5

    e517e175bc1720010f7ffa1c69375ca5

  • SHA1

    d7f4a6c58e0fcd1033c565bb1f6d041bdaa0e0a6

  • SHA256

    1dffb954ef2a8254e6d52bf1ee4a5e812a147ed193f1fdcc2522f6d043ed6248

  • SHA512

    ddaf8619be954c5950f59bcd60ac94f792c523faf3e79ea14e1117a06e9cd6b186d821875303d5d86eefaf5bcb6e91fd4107e27512e53a013007be62288f4507

  • SSDEEP

    3072:TtJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQAZ:TJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0x0006000000016070-50.dat
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

