General

  • Target

    2064-252-0x0000000000D70000-0x0000000000DAE000-memory.dmp

  • Size

    248KB

  • MD5

    b85ced9e84d415f6c9bb08a29f029f44

  • SHA1

    74e6bca50b3f395fd01d698ea182dcc694dbf4c6

  • SHA256

    992f721a9f2bdff5798ae917b3ebc39b44d1d6da5639417fe3960d60770e5020

  • SHA512

    659c990ce3386ccb10bda69c260498094c2fcc53105376a708e1ff5c64c4b7d1e7ac9c897bd615b731ef97e9c7219d0c207fcffb4398f72d98c33431deabdc67

  • SSDEEP

    3072:5tJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQAI:5JMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2064-252-0x0000000000D70000-0x0000000000DAE000-memory.dmp
    .exe windows:4 windows x86

