General

  • Target

    732-202-0x0000000000D10000-0x0000000000D4E000-memory.dmp

  • Size

    248KB

  • MD5

    86b763eadf078b7253494e2ee6b9abfa

  • SHA1

    4bfc0988c159846bbf74d2b0bcd6557485ae8bb7

  • SHA256

    2cb4f23b72fe0c44b8ef8f03018a1acb3da9a198bec8376305717f7038a130a5

  • SHA512

    f2946c02b1ad1c455af8a2510e014ed5eaa755cb688bb107c01923d40b2abf12f014f0e410fc7afa8a6019758cca815a2eda5bee421abf6b45b8e5b593965400

  • SSDEEP

    3072:ltJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQAu:lJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 732-202-0x0000000000D10000-0x0000000000D4E000-memory.dmp
    .exe windows:4 windows x86

