General

  • Target

    2160-641-0x0000000000020000-0x000000000003E000-memory.dmp

  • Size

    120KB

  • MD5

    2845b1761e06f0673d0f6d707ac2d3f2

  • SHA1

    6435548461f10af099c9241aee2a1ae9c2f58aae

  • SHA256

    3fa3ce56c1dd01c433b90f93ad1539eddc39b0e7a5044617f7bfdae4c28a7624

  • SHA512

    69eb8060c6a021fff23d75891b717491b68ff4056c35461823ae9fb2d56251691c28223404dbd6787127a4bcb1980d2148728485dc0aa3acf46c4b3048aa2604

  • SSDEEP

    3072:p3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVR6:peGKDRAX1

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

5141679758_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2160-641-0x0000000000020000-0x000000000003E000-memory.dmp
    .exe windows:4 windows x86

