General

  • Target

    1932-1206-0x00000000003D0000-0x000000000040E000-memory.dmp

  • Size

    248KB

  • MD5

    968bea7c28bf419d110d2e50b5a1f516

  • SHA1

    ff91732091ce47af4e971fb4936d74cf281cd185

  • SHA256

    71cdefe1f8dade6dda4acda0abf139afe2dd0fa497fbe0307f87238378e494c7

  • SHA512

    6135e92a641c0c34156ef27ca54a9f16a79f49d908d88c1b122cc53a4fd3884b05947a13ad81c3b6b8e6fbec979771a3c945823c23ccbff12530107fb0b7a60a

  • SSDEEP

    3072:dtJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQAq:dJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1932-1206-0x00000000003D0000-0x000000000040E000-memory.dmp
    .exe windows:4 windows x86

