General

  • Target

    6048-607-0x00000000001C0000-0x00000000001DE000-memory.dmp

  • Size

    120KB

  • MD5

    4a31ea290215fcca52110f309b774388

  • SHA1

    564c7008b1c70c9fd804aa005bdf3c9ef13aa1fc

  • SHA256

    5bf3e80c75b065fbaed3a54ab90c8d6613c648146622bfa5635b7acc3c93ca05

  • SHA512

    794e93d7bbab0847a43873b64013dcf8869cc57e648ad9f68a814392662bffdd8ce86aac41ece46700e8a630094c28384db75d56f5363d1eab4433dacb04de76

  • SSDEEP

    3072:S3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVXI:SeGKDRAXb

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

6012068394_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 6048-607-0x00000000001C0000-0x00000000001DE000-memory.dmp
    .exe windows:4 windows x86

