General

  • Target

    1048-195-0x0000000000BF0000-0x0000000000C2E000-memory.dmp

  • Size

    248KB

  • MD5

    0a9db448e2f169eb6aa3bd0be29f07f5

  • SHA1

    c2b3d4ce02cdb1c58a9cc984f0b9644465199df6

  • SHA256

    5a0fd538e16909ffbf0f491a6f8a7a901b2cc3bd9a4309887ef47467fe22abba

  • SHA512

    ff75930990b7f319a8efe1a52a4f836170746d7aaddeda3ea3fd0ea346107c9b497eb1617ae92290e6becf600800c4e2c316a17279dd175edc5cb8396c8e2683

  • SSDEEP

    3072:jskouTnLNgcTxA3TZ3O865ju5xft/qqqyP/RNLPkqi:jskoGLNgcdoTFOV5ju57/QyP/rDk

Score
10/10

Malware Config

Extracted

  • Family

    redline

  • Botnet

    breha

  • C2

    77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1048-195-0x0000000000BF0000-0x0000000000C2E000-memory.dmp
    .exe windows:4 windows x86
