General

  • Target

    1340-157-0x0000000000380000-0x00000000003BE000-memory.dmp

  • Size

    248KB

  • MD5

    365c34ca983602ba34a210524219494b

  • SHA1

    d6aca2803198d3d0c18cda1fe973c0fbd0dbf29b

  • SHA256

    2f572892d5509543d1667b59e5a5a5e5e6371093afe9a5056bbf171783da5ca5

  • SHA512

    ad541bc64d220d1a798064da0b2aa9fdfc2954e6cafb487172b6e8954f5a6533fa8fbd717504944da3ec5dacae3fcbaf48b78ecbca61cf27c8ce010c66a236e6

  • SSDEEP

    3072:sEjJpWunbNgcc+fw1nRKlnwT84Zhct/qR8NbtS6Gbmhmado:sGTWubNgcc+I1nRKlwTQ/PNbtS7Khma

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

185.216.70.238:37515

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1340-157-0x0000000000380000-0x00000000003BE000-memory.dmp
    .exe windows:4 windows x86
