General

  • Target

    768-919-0x00000000000C0000-0x00000000000FE000-memory.dmp

  • Size

    248 KB

  • MD5

    8003e291c8711475b474693319249734

  • SHA1

    66f5d1e4f3da27b3f298870c24efff8dbcf4b1ce

  • SHA256

    bde5af865a4e013e667faf70d03e188c1dbca2571fceac5113422d47e29408fb

  • SHA512

    a5f1df320cf6ee46ee1b0f36b2e6689586e582b53bf66ff4177f0d76e5eae0e79aae3dedd189caaac0f9b6909645ded94b860067b8a81f0e5c35210267163afb

  • SSDEEP

    3072:xNv0S/yQKnhNgcoVQqw5TmJOXkXt/qYJanR1TaiV0VnCkMSb:xi4y5hNgcoVQJ5n0d/tanR1aQ0VnCkM

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kolyan

C2

77.91.124.82:19071

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 768-919-0x00000000000C0000-0x00000000000FE000-memory.dmp
    .exe windows:4 windows x86
