General

  • Target

    1936-1175-0x0000000000E70000-0x0000000000EAE000-memory.dmp

  • Size

    248KB

  • MD5

    9644941533a4a484cb471af04ff9c675

  • SHA1

    058329b840b20a9473fe10b90a320f6128101dfa

  • SHA256

    2043c28c5af9f8d0a8c095bf9384b08b8b17dbc811761af959f8dfd701c4436c

  • SHA512

    2c53e0c29aeaba764e53a90253a6b61b2a2864c1731a7af7091f7d7e629ad55939b5b9fcfd4c1a635265197e9d1edd4a886420b25ac9256bd0d0babe6f53ad18

  • SSDEEP

    3072:0Nv0S/yQKnhNgcoVQqw5TmJOXkXt/qYJanR1TaiV0VnCkMSa:0i4y5hNgcoVQJ5n0d/tanR1aQ0VnCkM

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kolyan

C2

77.91.124.82:19071

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1936-1175-0x0000000000E70000-0x0000000000EAE000-memory.dmp
    .exe windows:4 windows x86

