General

  • Target

    1680-303-0x0000000000AC0000-0x0000000000AFE000-memory.dmp

  • Size

    248KB

  • MD5

    23c06db739d1ffebd719ac24c15b648e

  • SHA1

    90652c072c7658f70c6651c1b11629039eb97ff1

  • SHA256

    d010c355105922ca144f0523cd33da13e5ef265ab96e49eafc1c5cf3ae52cec0

  • SHA512

    d9db753ecdc68debe776eddf72464a00ed6a429c4d5af0239cdd5673ffdcfc055f89f5de2b8c80a37e4a32976245effeb50ae42c0961c40628a8dd297a568677

  • SSDEEP

    3072:/tJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQAl:/JMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1680-303-0x0000000000AC0000-0x0000000000AFE000-memory.dmp
    .exe windows:4 windows x86

