General

  • Target

    2016-224-0x0000000000AA0000-0x0000000000ADE000-memory.dmp

  • Size

    248KB

  • MD5

    a50e30399369d9aebc48ecd0258fa1a2

  • SHA1

    75b675217d43c2e2d4d788685ee4e47fe1e9f8e2

  • SHA256

    57eef19c168661385db2072b617d8a4ef28c53ae3733d1914c84ca0d62b01edd

  • SHA512

    b9a579b5a4ddbc99c8aca6f4901dffc510941cd95e5d906b771f144f004ee2d73206d49f8169edcef1f2f3d2a56fb8f5d29ddfe4c02998e217341ff74dad6f3a

  • SSDEEP

    3072:ftJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQAH:fJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2016-224-0x0000000000AA0000-0x0000000000ADE000-memory.dmp
    .exe windows:4 windows x86

