General

  • Target

    1032-64-0x0000000000400000-0x000000000043E000-memory.dmp

  • Size

    248KB

  • MD5

    5a9c9a653145f46776bd54c94648cfba

  • SHA1

    abd03e7e8d6fd9c2fc58f3df16b77dd7e90720cc

  • SHA256

    21bf7d94009afd25b1844f9904ddc3a10a8a4dc14949773b0f1c2e5ffa6347ca

  • SHA512

    422e3a142b7b05930c0d7ac313031f5e46bdac8c8fc388603320972c23f227bce7952d461d0b7a0a038ae9ffc342148dae5fc89a8d7fc21a7e85509f4456cae1

  • SSDEEP

    3072:l5wWp9nNNgcFocfgi6G26G2t/q/WvMXGBJJdPHj7Ee8Sq:lq49NNgcFvfgitR/LvMXGBxfj7Ee8

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

146.59.161.13:39199
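
The C2 above is the most directly actionable item in this config: the host and port can be swept against network logs. The following is an added example (not part of the sandbox report) that runs that sweep over constructed Zeek conn.log-style TSV records; the seven-column layout (ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto) is an assumption, and the log lines are made up for illustration. A connection to the exact host:port pair is reported as high confidence; a connection to the same host on another port is still reported, at medium confidence, because RedLine operators rotate ports on the same panel host.

```python
"""Sweep connection logs for the C2 extracted from this RedLine config.

Added example; not part of the sandbox report. Log lines are constructed
Zeek conn.log-style TSV (ts, uid, orig_h, orig_p, resp_h, resp_p, proto);
that column order is an assumption about the input.
"""

C2_HOST = "146.59.161.13"   # from the extracted config
C2_PORT = 39199             # from the extracted config

# Constructed sample records (not real traffic).
SAMPLE_CONN_LOG = """\
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto
1700000000.100000\tCabc1\t10.0.0.5\t51234\t146.59.161.13\t39199\ttcp
1700000001.200000\tCabc2\t10.0.0.5\t51235\t146.59.161.13\t443\ttcp
1700000002.300000\tCabc3\t10.0.0.7\t51236\t93.184.216.34\t443\ttcp
1700000003.400000\tCabc4\t10.0.0.9\t51237\t146.59.161.13\t39199\ttcp
"""


def match_c2(conn_log: str, host: str = C2_HOST, port: int = C2_PORT):
    """Return one hit dict per connection whose responder is the C2 host.

    confidence is "high" for the exact host:port from the config and
    "medium" for the same host on any other port.
    """
    hits = []
    for line in conn_log.splitlines():
        if not line or line.startswith("#"):
            continue                      # skip Zeek header/comment lines
        fields = line.split("\t")
        if len(fields) < 7:
            continue                      # malformed record, skip
        ts, uid, orig_h, orig_p, resp_h, resp_p, proto = fields[:7]
        if resp_h != host:
            continue
        try:
            resp_port = int(resp_p)
        except ValueError:
            continue
        hits.append({
            "ts": ts,
            "uid": uid,
            "src": orig_h,
            "dst": f"{resp_h}:{resp_port}",
            "proto": proto,
            "confidence": "high" if resp_port == port else "medium",
        })
    return hits


def affected_hosts(hits) -> set:
    """Internal hosts that talked to the C2, for scoping the incident."""
    return {h["src"] for h in hits}


if __name__ == "__main__":
    for hit in match_c2(SAMPLE_CONN_LOG):
        print(hit)
    print("affected hosts:", sorted(affected_hosts(match_c2(SAMPLE_CONN_LOG))))
```

Run it against a real conn.log by reading the file into `match_c2`; the `#fields` line is skipped, so the Zeek header does not need stripping first.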

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
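
The "Unsigned PE" signature is a header check, not a certificate verification: a PE carries an embedded Authenticode signature only if the certificate table entry (data directory index 4, IMAGE_DIRECTORY_ENTRY_SECURITY) in the optional header is non-zero. The following is an added example of that check, written for this page and not the sandbox's own signature code; the two sample PE32 headers it inspects are constructed in memory and are not executables.

```python
"""Flag a PE image that has no Authenticode certificate table.

Added example for this report; not the sandbox's signature engine.
It reads IMAGE_DIRECTORY_ENTRY_SECURITY (data directory index 4) from
the optional header and reports whether it points at anything. It does
not parse or verify the certificate itself.
"""
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B


def security_directory(data: bytes):
    """Return (file_offset, size) of the certificate table, or None.

    Note that this directory entry holds a file offset, not an RVA.
    Raises ValueError if the buffer is not a parseable PE header.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        num_dirs_off, dirs_off = opt + 92, opt + 96
    elif magic == PE32PLUS_MAGIC:
        num_dirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    number_of_dirs = struct.unpack_from("<I", data, num_dirs_off)[0]
    if number_of_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return None                       # header too short to hold entry 4
    entry = dirs_off + IMAGE_DIRECTORY_ENTRY_SECURITY * 8
    if entry + 8 > opt + size_of_optional:
        return None                       # entry lies outside optional header
    offset, size = struct.unpack_from("<II", data, entry)
    if offset == 0 or size == 0:
        return None
    return offset, size


def is_unsigned(data: bytes) -> bool:
    """True when the image has no embedded Authenticode signature entry."""
    return security_directory(data) is None


def build_pe32(signed: bool) -> bytes:
    """Constructed minimal PE32 header for testing; not a runnable binary."""
    e_lfanew = 0x80
    dos = (b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    # COFF header: Machine=i386, 0 sections, SizeOfOptionalHeader=224,
    # Characteristics=EXECUTABLE_IMAGE|32BIT_MACHINE
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)   # NumberOfRvaAndSizes
    if signed:
        # Certificate table: offset and size of an appended WIN_CERTIFICATE blob
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         0x200, 0x1234)
    return dos + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    print("unsigned sample flagged:", is_unsigned(build_pe32(signed=False)))
    print("signed sample flagged:  ", is_unsigned(build_pe32(signed=True)))
```

Two caveats matter for a target like this one, which is a process memory dump rather than a file on disk. The headers are mapped, so the directory entry survives in the dump and the check above still works, but the WIN_CERTIFICATE blob it points at is appended to the file and is not mapped, so a signature can never be verified from the dump alone. And a non-zero entry only means a signature is present, not that it is valid; absence of an entry also says nothing about catalog-signed files, which carry no embedded signature.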

Files

  • 1032-64-0x0000000000400000-0x000000000043E000-memory.dmp
    .exe windows:4 windows x86