General

  • Target

    2520-516-0x0000000000330000-0x000000000036E000-memory.dmp

  • Size

    248KB

  • MD5

    d448097011d54b2239df1a8d06d6efab

  • SHA1

    b009a9ac2a6b3dc01b639cd23b8b75fa6743de7a

  • SHA256

    a2788e81d3366198aa5e3c3edf70f0024c226cdbc4e158b2bbd2f199ab5f8324

  • SHA512

    399a5a57e429ee799fe3832741f3fa6969fc6aa00efb2a6fbd77f7c5373e334226b75ef8bc6f9135ab19a88af9e0ad5754f4a9c03ec4dc87ae73dcbcda97b214

  • SSDEEP

    3072:ItJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQAU:IJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2520-516-0x0000000000330000-0x000000000036E000-memory.dmp
    .exe windows:4 windows x86

