General

  • Target

    1480-245-0x0000000000AD0000-0x0000000000B0E000-memory.dmp

  • Size

    248KB

  • MD5

    385b41543d5faf5efdfc23082b1edc5a

  • SHA1

    c0a758134e2484cb7889cfac21094d99572f9806

  • SHA256

    949b8ffc7336357209b1b839d9e713fed156a875a8217bc8cbc4269d700c9885

  • SHA512

    75becc6f905fd644a61f1f349b053326ed4a59dffe7bedd4f316164d7e8859af1959445a0fcf4e1cbd8774615d15b1c3921641d35a3677b5e48a28f3f9b7923a

  • SSDEEP

    3072:dtJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQA6:dJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1480-245-0x0000000000AD0000-0x0000000000B0E000-memory.dmp
    .exe windows:4 windows x86

