General

  • Target

    2952-1414-0x0000000000020000-0x000000000003E000-memory.dmp

  • Size

    120KB

  • MD5

    6d4226fd939696d4fe70df7939574568

  • SHA1

    63c34b20e5b6e4a0b45b132c367489e13f9ee9d3

  • SHA256

    c743a800d452b5467b8ae02da4ba3f67fd9860bd5a6621434e33d15e3e3134e4

  • SHA512

    326faa671db80b73384e291af40da80932f5d92d0a5fa31c33593049f81969de7abf4c1b0db8be49a042997deff33abbdea690c651d66f28ceebba8f1724e7db

  • SSDEEP

    3072:T3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVR6:TeGKDRAX1

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

5141679758_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2952-1414-0x0000000000020000-0x000000000003E000-memory.dmp
    .exe windows:4 windows x86

