General

  • Target

    2800-51-0x0000000000400000-0x000000000043E000-memory.dmp

  • Size

    248KB

  • MD5

    9380abadb2be4aa8b8dbe859e97d21c5

  • SHA1

    3aedeceac422519a68e08d5581cb8fe930fc796a

  • SHA256

    d4643d58c845d7e1da6eef36783f4bd9996cd0a12bdc94ddbda15052c99e0462

  • SHA512

    719d9e4047e20897052f11d47244576039c126154dfaa1de684498f57502c55028dc8a3908a2e9720d840caac1674348898e9900f71be0409da51151e483da92

  • SSDEEP

    3072:5ihvLpYnXNgc+jZ44OLqNaKe/Gbt/q6ubZovTqpwUybFhyT:5+lYXNgc+144OLquOZ/CZovTqHybFh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2800-51-0x0000000000400000-0x000000000043E000-memory.dmp
    .exe windows:4 windows x86
    Headers

    Sections