General

  • Target

    860-1-0x00000000003C0000-0x00000000003FE000-memory.dmp

  • Size

    248KB

  • MD5

    2b2a650bee435094fb7bf745915e1953

  • SHA1

    baaab0e5838ff247a377417296f65ee82cadff91

  • SHA256

    6f51ca54444d37e276f5f2bdd00697c7f93f0dfc7d84a5618e2aa091e96ae35f

  • SHA512

    944de3f312a9f63972b1ecd54a41d6e60377425051e9b27f00cc162aa0b79281aaf7a24e2b0649fa3b2b8e97ff1ff51498e318399731ce18a29b397d157a7920

  • SSDEEP

    3072:TjsY7IhnKNgcgV/7oSlMfymk0o7ot/qqJfB9d3mxGAJGu:T4YshKNgc0zozfymk/u/ffB9dypJ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@oleh_ps

C2

185.216.70.238:37515

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 860-1-0x00000000003C0000-0x00000000003FE000-memory.dmp
    .exe windows:4 windows x86

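Two things a practitioner would check by hand on a report like this: that the artifact's reported size and hashes are consistent with the dump name (the name encodes the PID and the [start, end) address range the sandbox dumped, so 0x3FE000 - 0x3C0000 = 0x3E000 bytes must equal the 248KB listed under General), and what the "Unsigned PE" signature actually looks at (an empty IMAGE_DIRECTORY_ENTRY_SECURITY data directory, the same headers that yield the "windows:4 windows x86" tag). The script below is an added example, not the sandbox's own code; the only real values in it are the dump name, size and digests copied from the report, while the PE image it parses is a constructed minimal PE32 built inline so the checks run offline.

```python
"""Consistency checks for a sandbox memory-dump artifact (added example, not the
sandbox's own code). Standard library only."""
import hashlib
import re
import struct

# Values copied from the report above.
DUMP_NAME = "860-1-0x00000000003C0000-0x00000000003FE000-memory.dmp"
REPORTED_SIZE_KB = 248
REPORTED_HASHES = {
    "md5": "2b2a650bee435094fb7bf745915e1953",
    "sha1": "baaab0e5838ff247a377417296f65ee82cadff91",
    "sha256": "6f51ca54444d37e276f5f2bdd00697c7f93f0dfc7d84a5618e2aa091e96ae35f",
}

# <pid>-<seq>-0x<start>-0x<end>-memory.dmp: the dump covers [start, end) of that process.
_DUMP_RE = re.compile(
    r"^(?P<pid>\d+)-(?P<seq>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)


def parse_dump_name(name):
    """Split the dump file name into PID, sequence number and address range."""
    m = _DUMP_RE.match(name)
    if not m:
        raise ValueError(f"not a memory-dump name: {name}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError("end address must be above start address")
    return {"pid": int(m["pid"]), "seq": int(m["seq"]),
            "start": start, "end": end, "size": end - start}


def region_size_kb(name):
    """Size in KB implied by the address range, to compare with the reported size."""
    return parse_dump_name(name)["size"] // 1024


def hash_bytes(data):
    """md5/sha1/sha256 of the artifact as lower-case hex, the form the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}


def hash_mismatches(data, reported):
    """Algorithms whose digest of `data` differs from the reported value (empty = all match)."""
    actual = hash_bytes(data)
    return sorted(alg for alg, digest in reported.items() if actual.get(alg) != digest.lower())


IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # attribute certificate table (Authenticode)


def parse_pe_headers(data):
    """Read the fields behind the 'windows:4 windows x86' and 'Unsigned PE' lines."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsections, _, _, _, _, _ = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24                                            # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: data directories start at optional-header offset 96
        dir_off = opt + 96
    elif magic == 0x20B:      # PE32+: 8-byte ImageBase and stack/heap fields push them to 112
        dir_off = opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    major_os, minor_os = struct.unpack_from("<HH", data, opt + 40)
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]
    ndirs = struct.unpack_from("<I", data, dir_off - 4)[0]   # NumberOfRvaAndSizes
    sec_off, sec_size = 0, 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from("<II", data, dir_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    return {"machine": machine, "sections": nsections, "pe32plus": magic == 0x20B,
            "os_version": (major_os, minor_os), "subsystem": subsystem,
            "security_offset": sec_off, "security_size": sec_size}


def is_unsigned_pe(data):
    """True when the security directory is empty, i.e. no Authenticode signature is attached.
    The entry is a raw file offset and a memory dump carries no certificate blob, so this can
    only say whether a signature was present, never validate one."""
    return parse_pe_headers(data)["security_size"] == 0


def build_sample_pe(signed):
    """Constructed minimal PE32 (x86, OS version 4.0, GUI subsystem) for offline testing.
    It is not the RedLine sample and contains no code."""
    dos = bytearray(0x80)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)                  # e_lfanew -> PE signature at 0x80
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x0102)  # IMAGE_FILE_MACHINE_I386
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                    # PE32 magic
    struct.pack_into("<HH", opt, 40, 4, 0)                   # MajorOperatingSystemVersion 4.0
    struct.pack_into("<H", opt, 68, 2)                       # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<I", opt, 92, 16)                      # NumberOfRvaAndSizes
    if signed:                                               # pretend a certificate table exists
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x400, 0x1000)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    info = parse_dump_name(DUMP_NAME)
    print(f"pid {info['pid']}, region {info['start']:#x}-{info['end']:#x}, "
          f"{region_size_kb(DUMP_NAME)} KB (reported {REPORTED_SIZE_KB} KB)")
    sample = build_sample_pe(signed=False)
    print(parse_pe_headers(sample), "unsigned:", is_unsigned_pe(sample))
```

To use it on the real artifact, read the .dmp into bytes and pass it to `hash_mismatches(data, REPORTED_HASHES)` and `parse_pe_headers(data)`; an empty mismatch list confirms you have the same bytes the report scored, and the header fields should match the machine (0x14C), OS version (4) and empty security directory the report's file tag and "Unsigned PE" signature describe.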