General

  • Target

    2124-417-0x0000000001380000-0x00000000013BE000-memory.dmp

  • Size

    248KB

  • MD5

    47bfef7fe11b44dced52ff1dbfbae780

  • SHA1

    81a8dccca21be03c004b6bc18a967877f6bfec88

  • SHA256

    0a4a77097868a6987486b10aad2482520b7e910d826a249dc577494e778c05d1

  • SHA512

    c9bf385cd9b7b2982163e720a950accedbd4a19a5d7a6bcb1784daee4312aa03db795e2c80cd13410cff4258d2a292bf769ffee15ea28c713faea2f9ddc997d0

  • SSDEEP

    3072:XtJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQAg:XJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2124-417-0x0000000001380000-0x00000000013BE000-memory.dmp
    .exe windows:4 windows x86

