General

  • Target

    216-396-0x00000000001C0000-0x00000000001DE000-memory.dmp

  • Size

    120KB

  • MD5

    8b68f28405ee935df43d5def1bc4b1ef

  • SHA1

    578244d4212a7fd073c3c5d3de01d24d9db6353a

  • SHA256

    0c72b8a6eb07237447884c32086e651b22bb9784b89fda7f67892f58daed3b42

  • SHA512

    8fbfd2cfc6dd7e30dc0df780b7d95a8c80f6e199275bc092cb78c4961b77033f0056aa2cd28b55f2b0e8747c6e2dcb10eeb166215b3682df2d30eb56c3daf7db

  • SSDEEP

    3072:g3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVXI:geGKDRAXb

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

6012068394_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 216-396-0x00000000001C0000-0x00000000001DE000-memory.dmp
    .exe windows:4 windows x86

