General

  • Target

    1956-258-0x0000000001260000-0x000000000129E000-memory.dmp

  • Size

    248KB

  • MD5

    816c17cd8c9342e6040d11e78f5d43a9

  • SHA1

    96f7ea59fc15c5a0594e4eeb98fa82bc724f890e

  • SHA256

    bd0ed0c54cc2de8cc37e541dd1eac2cad50e1cd6a8bb8ca521dd15ecec1efe55

  • SHA512

    e1785fe6b16c50e146b4096ceeced46fc77708393bc386144b1d750331f4220dbe13b860d44d01820d3899d42713ad02304ed2dc514dfe64a18fb4e0e769d586

  • SSDEEP

    3072:N3zxq4nKNgcb03jq+PEQDt/q6VOu3HeBM8dtucsC:N3zxVKNgcbsjOQB/nOu3HeWetuc

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

rapta

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1956-258-0x0000000001260000-0x000000000129E000-memory.dmp
    .exe windows:4 windows x86

