General

  • Target

    1828-1142-0x0000000000320000-0x000000000035E000-memory.dmp

  • Size

    248KB

  • MD5

    2db8c3d03e1de0631fa98c5d8e35ff2b

  • SHA1

    9d881741015436ab2824a872f8207f3fcf74a34d

  • SHA256

    9c6c3b548910f642b2e2547d2a029a1fdec4c7623525e10fb65242c6ea697f63

  • SHA512

    26f26155b9fe6c794dca092cc9ad398518247bf989029a76860d87895dcf981f250598b35411275666fe81a01903ed5718152f3a26063fdbd28231235633ecd2

  • SSDEEP

    3072:LjJsVUnYNgcDTrB2Sr1DDfNt/qOWGkHCfbLCdrUd2V:LjJsSYNgcDn4SZDzH/oGkHCDL2rUd

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kinder

C2

109.107.182.133:19084

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1828-1142-0x0000000000320000-0x000000000035E000-memory.dmp
    .exe windows:4 windows x86

