General

  • Target

    2836-409-0x00000000000D0000-0x000000000010E000-memory.dmp

  • Size

    248KB

  • MD5

    b6fb0fef6b53f5d480a23792f0b6b547

  • SHA1

    225c1aed3c0c58bfa813ba529859c2ea08138ea2

  • SHA256

    9ece7e1749df77ff733db4fd165544bb3ce09c756cd9a9d3e75e69ee4fedc259

  • SHA512

    28d0109f461f629dc3e6a924317168d5914e800a298f810c3b9dce4344a86e1e32ef864a2daa204759fdfbe1dd471788c6bc7227d3616c497b930c9d1ad52955

  • SSDEEP

    3072:PEjJpWunbNgcc+fw1nRKlnwT84Zhct/qR8NbtS6Gbmhmad/:PGTWubNgcc+I1nRKlwTQ/PNbtS7Khma

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

185.216.70.238:37515

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2836-409-0x00000000000D0000-0x000000000010E000-memory.dmp
    .exe windows:4 windows x86
