General

  • Target

    2652-1101-0x00000000010F0000-0x000000000112E000-memory.dmp

  • Size

    248KB

  • MD5

    f4571e47ee0535b48a1e9e6ca2d02270

  • SHA1

    308ea69bbb58100364b8fb2183dd021544532763

  • SHA256

    7aafb0e30744eda1a45194368f40cb29a3edd585ba9dd8deec67a604aa8e9a32

  • SHA512

    942c52f42e91c477582c0d9fad9933b997081c30b77fee0acb1b5bbf2a74a0cc92b0aecc000d55fcd7243e84d331c150ae4629bfeefe4e9dc969a9d176db24cd

  • SSDEEP

    3072:wtJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQAx:wJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

  • Family

    redline

  • Botnet

    kukish

  • C2

    77.91.124.55:19071

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2652-1101-0x00000000010F0000-0x000000000112E000-memory.dmp
    .exe windows:4 windows x86

