General

  • Target

    2688-240-0x0000000000A30000-0x0000000000A6E000-memory.dmp

  • Size

    248KB

  • MD5

    3f421299a16935a63ff28e828a08bf6d

  • SHA1

    ade7e8ac722fec5294cc05f910fb92e0faa9a994

  • SHA256

    da2ded2cb100e46471c8cef96ba6ca9c2799a8bb8f7afd55a10fedfda1e657ea

  • SHA512

    b3b981a81209976fb19b1e94801965a22d50547f169f6ab2c1b71d56564168d05b9814a6fa91e760d9ce08843397d19ecccff240b00a60d0b3404416739aaf8e

  • SSDEEP

    3072:BtJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQAk:BJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2688-240-0x0000000000A30000-0x0000000000A6E000-memory.dmp
    .exe windows:4 windows x86

