General

  • Target

    2952-514-0x0000000000D90000-0x0000000000DCE000-memory.dmp

  • Size

    248KB

  • MD5

    3f2b6cb03d0c95442424b2e4beccaf14

  • SHA1

    1d543f0bfaac3b53c99f50c0a64d9d2a2e2a7613

  • SHA256

    79a05befcd57cf445b21afd9a0f6157a4306c442cf3e5dc12c233909879f1f51

  • SHA512

    5aa051e40687799d036af53aab2b5647c4c8d7697802ca63809606d4891f4280716e89f966698891b75fc5e8c3b464ca4d0605e153cc9b86c34cfb99f36f7b5c

  • SSDEEP

    3072:ftJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQAG:fJMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2952-514-0x0000000000D90000-0x0000000000DCE000-memory.dmp
    .exe windows:4 windows x86

