General

  • Target

    2236-1099-0x0000000000DD0000-0x0000000000E0E000-memory.dmp

  • Size

    248KB

  • MD5

    c5c8101431844c616748cb8a2d3a8f0d

  • SHA1

    91a83a9c844ecc63ff5ebea8c8de162ff8e30357

  • SHA256

    3869415941f6ebced02acb1e0f1d47669b058eced4ebaabeeb516c713c85c5ae

  • SHA512

    bb80cd3e90563fb0caf71e67f55ffc1f6f261be42ef7d92d4390aecb710fe2f1d7af205fa698b8dfe362f4e00d45d86a995a7062b065fc9ffbe6e26a176053f1

  • SSDEEP

    3072:dtJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQAK:dJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2236-1099-0x0000000000DD0000-0x0000000000E0E000-memory.dmp
    .exe windows:4 windows x86

