General

  • Target

    108-1097-0x00000000001D0000-0x000000000020E000-memory.dmp

  • Size

    248KB

  • MD5

    6d2b14942ebefff146c8a89eec8ce71a

  • SHA1

    b598c47f3949632e068c7093f4a355fe1e168113

  • SHA256

    ab133e025fb2e118c9ae6b32dfbd8d54d7e9ee565e637b917e73a1ff71922ed0

  • SHA512

    f8b3776e6aa73ee4fc188802b4f7e7f96c62fab2d3bf7266fc69b8a95b220831a8c2a9bf10dd372573fdf767baff54f116aca8ddaf6cfb30673ab9f96e357082

  • SSDEEP

    6144:JmSQQNgcPf2iHv0+9JR/xadbzBNFygk5:oHQNgcPf1JROBNFygk5

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kinza

C2

77.91.124.86:19084

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 108-1097-0x00000000001D0000-0x000000000020E000-memory.dmp
    .exe windows:4 windows x86

