General

  • Target

    1076-1052-0x00000000001C0000-0x00000000001FE000-memory.dmp

  • Size

    248KB

  • MD5

    a1267e8cc4ccde0314ea6831f0f2c8c6

  • SHA1

    2b87c85c604db66cac4019c3ee10d7dd6876993e

  • SHA256

    1901da9481defc4ebfb586a8d8f453e03dad9fd6b0d9049bf6b053c6f801dee2

  • SHA512

    1d6e0532efff4ca89ab35afd94134e13ba2526b4753d8ac9ca1290131b8112c79c9aeaa294b03fa523ac97eed904d4b7ca3a331c4d03c373e6fb30d1801837e4

  • SSDEEP

    3072:stJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQA1:sJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1076-1052-0x00000000001C0000-0x00000000001FE000-memory.dmp
    .exe windows:4 windows x86

