General

  • Target

    2080-1009-0x0000000000290000-0x00000000002CE000-memory.dmp

  • Size

    248KB

  • MD5

    2b380cc99b1ec5be0be66bd44055f302

  • SHA1

    f70df83a82e03d0628e3e4c1876fd0ed979448df

  • SHA256

    6dd669d7f52140bd35b6b61285ffec0db12852c917fa81ae394716bf064a7079

  • SHA512

    b89dd2b28f6af7e9c6f6d309ee1fe912c316e234707ae84b63e15403f5141134afc9ced4803a6ac06fa50d1b525143c392d670438bfd43593ca50730d7646581

  • SSDEEP

    3072:MtJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQA2:MJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2080-1009-0x0000000000290000-0x00000000002CE000-memory.dmp
    .exe windows:4 windows x86

