General

  • Target

    4928-417-0x0000000000520000-0x000000000055E000-memory.dmp

  • Size

    248KB

  • MD5

    22999a1afcd45bcd669dd769c547c77d

  • SHA1

    d6d8ceb744b91a9855519301e8285f1825a214ef

  • SHA256

    c76686e687b2901992a6efbdc015fad2e90c59e89726e071970a698cd8436dea

  • SHA512

    112bad165e5640b66b51238b40a569bd6885c51405103dbda2fa2c6cd639407716d073c9163ec550e2808a8595bc00c86fc9b3740b573f9f751f70bcd6edbe28

  • SSDEEP

    3072:CEjJpWunbNgcc+fw1nRKlnwT84Zhct/qR8NbtS6Gbmhmadq:CGTWubNgcc+I1nRKlwTQ/PNbtS7Khma

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

185.216.70.238:37515
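The extracted configuration above is the part of this report a defender actually acts on. The following is an added example, not code from the page or from any sandbox vendor: it parses the Family/Botnet/C2 layout as printed above, emits one Suricata rule per C2 endpoint, and sweeps a few constructed Zeek conn.log-style lines for contact with the C2. The SID range (9000001) and the log lines are assumptions; only the family, botnet and C2 values come from the page. A connection to the C2 host on a different port is reported at lower confidence rather than dropped, since stealers of this kind are routinely reconfigured to a new port on the same host.

```python
import re

# The extracted-config block exactly as it appears on this page (copied, not constructed).
PAGE_CONFIG = """
Family

redline

Botnet

@ytlogsbot

C2

185.216.70.238:37515
"""

# Constructed Zeek conn.log-style lines (ts, uid, orig_h, orig_p, resp_h, resp_p, proto).
# These are invented for the example; only the second and third lines involve the page's C2 host.
CONSTRUCTED_CONN_LOG = """\
1700000000.1\tCabc1\t10.0.0.5\t51234\t142.250.74.46\t443\ttcp
1700000003.7\tCabc2\t10.0.0.5\t51240\t185.216.70.238\t37515\ttcp
1700000009.2\tCabc3\t10.0.0.9\t51300\t185.216.70.238\t80\ttcp
"""

HOST_PORT = re.compile(r"^(?P<host>[^:\s]+):(?P<port>\d{1,5})$")


def parse_config(text: str) -> dict:
    """Turn the page's key/value layout into {"family", "botnet", "c2": [(host, port), ...]}."""
    cfg = {"c2": []}
    key = None
    for tok in (ln.strip() for ln in text.splitlines() if ln.strip()):
        if tok in ("Family", "Botnet", "C2"):
            key = tok.lower()              # a label line switches the current key
        elif key == "c2":
            m = HOST_PORT.match(tok)
            if not m:
                raise ValueError("unexpected C2 entry: %r" % tok)
            cfg["c2"].append((m["host"], int(m["port"])))
        elif key:
            cfg[key] = tok
    return cfg


def suricata_rules(cfg: dict, sid_base: int = 9000001) -> list:
    """One rule per C2 endpoint. sid_base is an assumed local SID range, not an official one."""
    rules = []
    for i, (host, port) in enumerate(cfg["c2"]):
        rules.append(
            'alert tcp $HOME_NET any -> %s %d (msg:"%s C2 %s"; flow:to_server; sid:%d; rev:1;)'
            % (host, port, cfg["family"].capitalize(), cfg.get("botnet", ""), sid_base + i)
        )
    return rules


def sweep_conn_log(cfg: dict, log_text: str) -> list:
    """Return hits for flows that reach a C2 endpoint (high) or the C2 host on another port (medium)."""
    endpoints = set(cfg["c2"])
    hosts = {h for h, _ in endpoints}
    hits = []
    for line in log_text.splitlines():
        f = line.split("\t")
        if len(f) < 7:
            continue                        # skip headers / malformed lines
        dst = (f[4], int(f[5]))
        if dst in endpoints:
            hits.append({"uid": f[1], "src": f[2], "dst": "%s:%d" % dst, "confidence": "high"})
        elif dst[0] in hosts:
            hits.append({"uid": f[1], "src": f[2], "dst": "%s:%d" % dst, "confidence": "medium"})
    return hits


if __name__ == "__main__":
    cfg = parse_config(PAGE_CONFIG)
    for r in suricata_rules(cfg):
        print(r)
    for h in sweep_conn_log(cfg, CONSTRUCTED_CONN_LOG):
        print(h)
```

The rule matches on destination host and port only; once the operator moves the C2, the indicator is dead, so pair it with the family-level detections your sandbox or EDR already has rather than relying on it alone.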

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for a missing Authenticode signature (no certificate table referenced from the PE security data directory). Note that the target here is a memory dump: the Authenticode certificate table sits in the file's overlay and is never mapped into the process image, so a dumped PE will fail this check even when the file that was originally executed was signed. Treat this signature as weak corroboration, not as evidence on its own.
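What the "Unsigned PE" signature actually tests is whether data directory entry 4 (IMAGE_DIRECTORY_ENTRY_SECURITY) points at a WIN_CERTIFICATE table. The block below is an added example written for this page, not the sandbox's own implementation: it walks the DOS and NT headers by hand (PE32 and PE32+), reads the security directory, and distinguishes three cases that a practitioner should keep apart: no certificate table at all, a table that is present in the file, and a table whose directory entry survives but whose bytes lie beyond the end of the image, which is exactly what a memory dump of a signed binary looks like. The minimal PE builder and the dummy certificate blob are constructed test input, not the sample from this report.

```python
import struct

SECURITY_DIR_INDEX = 4                  # IMAGE_DIRECTORY_ENTRY_SECURITY
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # wCertificateType for Authenticode PKCS#7


def authenticode_status(data: bytes) -> dict:
    """Report whether a PE image carries an Authenticode certificate table.

    The first field of data directory entry 4 is a raw file offset (not an RVA),
    and the table normally lives in the overlay after the last section.
    """
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad NT signature")
    opt = e_lfanew + 4 + 20                          # skip 'PE\0\0' and the 20-byte IMAGE_FILE_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                               # PE32
        n_dirs_off, dirs_off = 92, 96
    elif magic == 0x20B:                             # PE32+
        n_dirs_off, dirs_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    n_dirs = struct.unpack_from("<I", data, opt + n_dirs_off)[0]
    if n_dirs <= SECURITY_DIR_INDEX:
        return {"signed": False, "reason": "no security directory"}
    cert_off, cert_size = struct.unpack_from("<II", data, opt + dirs_off + 8 * SECURITY_DIR_INDEX)
    if cert_off == 0 or cert_size == 0:
        return {"signed": False, "reason": "empty security directory"}
    if cert_off + cert_size > len(data):
        # Typical for a memory dump: the directory entry is there, the overlay is not.
        return {"signed": False, "reason": "certificate table outside image"}
    length, revision, cert_type = struct.unpack_from("<IHH", data, cert_off)   # WIN_CERTIFICATE header
    return {"signed": True, "cert_offset": cert_off, "cert_length": length,
            "revision": revision, "cert_type": cert_type}


def build_minimal_pe(cert_size: int = 0) -> bytes:
    """Construct a header-only PE32 image (constructed sample, not the page's dump).

    With cert_size > 0 a dummy WIN_CERTIFICATE overlay is appended and the security
    directory is pointed at it, imitating a signed file on disk.
    """
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)                      # e_lfanew = 0x40
    file_hdr = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, 0x0102)     # i386, 224-byte opt hdr, EXE
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                                   # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                                      # NumberOfRvaAndSizes
    header_len = len(dos) + 4 + len(file_hdr) + len(opt)                   # 312 bytes
    overlay = b""
    if cert_size:
        blob = b"\xA5" * cert_size                                           # stand-in for PKCS#7 SignedData
        overlay = struct.pack("<IHH", 8 + len(blob), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + blob
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR_INDEX, header_len, len(overlay))
    return dos + b"PE\0\0" + file_hdr + bytes(opt) + overlay


if __name__ == "__main__":
    import sys
    # Pass a path to inspect a real file; with no argument the constructed samples are used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print(authenticode_status(fh.read()))
    else:
        signed = build_minimal_pe(cert_size=64)
        print("unsigned :", authenticode_status(build_minimal_pe()))
        print("signed   :", authenticode_status(signed))
        print("dumped   :", authenticode_status(signed[:312]))   # header only, overlay lost
```

Presence of a certificate table is only the first step; whether the signature verifies, chains to a trusted root and matches the image hash is a separate check (on Windows, `Get-AuthenticodeSignature` or WinVerifyTrust), and none of that can be recovered from a dump that lacks the overlay in the first place.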

Files

  • 4928-417-0x0000000000520000-0x000000000055E000-memory.dmp
    .exe windows:4 windows x86

