General

  • Target

    6656-1172-0x00000000001C0000-0x00000000001FE000-memory.dmp

  • Size

    248KB

  • MD5

    4fc26af9665ab4ba5cd51fb7e034e2fb

  • SHA1

    e688b41c0f2623a557c2aff2f118728763ebb244

  • SHA256

    3e753adc958d6671e1acb443533d4bfc3d2f177011d4f302a75d51877f563697

  • SHA512

    81bab67f12ed431b0bd1d3d53911719e0e295028377f874b51ac09c5b6c7a53c4742a2ab5f096dd7d091b86c2d5c88af553aa0a75f3f7fa4aeb7ec05c304c763

  • SSDEEP

    3072:Npng4InXNgcy9Wy3aPGcntCTt/qhGFlvDYLXZiTtzv:rg/XNgcWr3aPu/5FlvDYLpqt

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

194.169.175.235:42691

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6656-1172-0x00000000001C0000-0x00000000001FE000-memory.dmp
    .exe windows:4 windows x86

