General

  • Target: 1952-73-0x0000000000400000-0x000000000043E000-memory.dmp
  • Size: 248KB
  • MD5: cca17c5d218c40a4762da9abaffe5ddd
  • SHA1: fdada491c12e1894aa431669aea6374309a4f048
  • SHA256: 782a1df2eac04e59bf682fec8ac5accc6eaea389b4fb32df05803b9c71f1b43b
  • SHA512: 80ea5f7c0b8e00722125bb906c733520d04d82c5b4a8af09f858fa5800910d24396a9521de1205655fb5cccae8572c4716e1a55d0118a4831299018e3d9939f7
  • SSDEEP: 3072:l5wWp9nNNgcFocfgi6G26G2t/q/WvMXGBJJdPHj7Ee8Sq:lq49NNgcFvfgitR/LvMXGBxfj7Ee8

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (TG: @logsdillabot)
  • C2: 146.59.161.13:39199

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1952-73-0x0000000000400000-0x000000000043E000-memory.dmp
    Type: .exe windows:4 windows x86
