General

  • Target

    5484-521-0x00000000001C0000-0x00000000001DE000-memory.dmp

  • Size

    120KB

  • MD5

    c9813620f012d5cc750a7b6ff078a0df

  • SHA1

    bff43e33d6cead3720550bb91c2be5fba85be621

  • SHA256

    fc631128f09b3fcfcd61c4cd7eebad52af662a54881bb59a75824c399b79eb34

  • SHA512

    94e2f4a590744a4b465f9c87f9db6281317ae7a06cca5615f317efcfd1fb4097ff9d54c9bcc9a271b80653b57f79ad0d96f161fc19ac4a168d3588b7e996ea9f

  • SSDEEP

    3072:w3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVRI:weGKDRAX1

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

5141679758_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5484-521-0x00000000001C0000-0x00000000001DE000-memory.dmp
    .exe windows:4 windows x86

