General

  • Target

    4840-378-0x00000000001C0000-0x00000000001DE000-memory.dmp

  • Size

    120KB

  • MD5

    a822163c0b24c505238c999d71e77570

  • SHA1

    b2b752191e23d17a541d135a61ad6b7720e005f7

  • SHA256

    fba5f3880cf66ea0e7286a0febd1d87a2fcf38b69d7353ade3a5bca49c18328c

  • SHA512

    99af00ec3dfb402c26f03efe17ee3046324bab9515216abfbe610e553152694b78eacfd882efce952472a130869c8d461a4b2f7b38ce3488083894b282673790

  • SSDEEP

    3072:m3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVRI:meGKDRAX1

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

5141679758_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4840-378-0x00000000001C0000-0x00000000001DE000-memory.dmp
    .exe windows:4 windows x86

    Headers

    Sections