General

  • Target

    912-1264-0x0000000000080000-0x00000000000BE000-memory.dmp

  • Size

    248KB

  • MD5

    6980b7a4e39f03f18b0a59a9b401719e

  • SHA1

    b460564202c7958fb46755e73df498aebddb2f22

  • SHA256

    d1eed3afa2fb24cbdf95a83e2f2735b7f10912f224bfc519a53a38d3d5fef659

  • SHA512

    fb0f0f812dbcf78830689e27ff33ecb934d350ebc7302e25b9877bcdc9cb6b0705a201612de4cec1626f1a13203641eeddd7fd8cc59def88e23e9955ae7b5bcf

  • SSDEEP

    3072:UEjJpWunbNgcc+fw1nRKlnwT84Zhct/qR8NbtS6Gbmhmad4:UGTWubNgcc+I1nRKlwTQ/PNbtS7Khma

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

185.216.70.238:37515

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 912-1264-0x0000000000080000-0x00000000000BE000-memory.dmp
    .exe windows:4 windows x86

