General

  • Target

    5816-704-0x00000000001C0000-0x00000000001DE000-memory.dmp

  • Size

    120KB

  • MD5

    4417701f5164bb88dc35127f549bbc02

  • SHA1

    c73fb0287ada5c3a4ec38f778f0460aa6d746938

  • SHA256

    622d3bfe5ee116936e3aea3d32f70a95ee2a60df4d79cef8165d3adc5eee80d0

  • SHA512

    14b4e58105aed498984611e9101b0ff747121003d33ad465d6d0a4b0b33479457d1908d17b382d53dc34958a8f3ce9a7ba12c3c04e5bb4fd905a4c3c9d1fcd10

  • SSDEEP

    3072:e3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVRI:eeGKDRAX1

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

5141679758_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5816-704-0x00000000001C0000-0x00000000001DE000-memory.dmp
    .exe windows:4 windows x86

