General

  • Target

    1376-623-0x00000000001C0000-0x00000000001DE000-memory.dmp

  • Size

    120KB

  • MD5

    0a97a1735543beb54b4f1a21b4f619c9

  • SHA1

    585bbf86868563f9012b749eaf1e37edc69fa72e

  • SHA256

    e22c44ddff8a388fa88a34ae6afd506a2f5c0da1c9657626a13484542edd7f32

  • SHA512

    2ff2e6e2986f2b080e84008237c1ad80fde37a22deead2ef034ecf28e4354c0ba78b412eda5430964d55c7e7de61939e0bd8aad832f4ee30a0c8db0609156e1f

  • SSDEEP

    3072:v3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVXI:veGKDRAXb

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

6012068394_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1376-623-0x00000000001C0000-0x00000000001DE000-memory.dmp
    .exe windows:4 windows x86
