General

  • Target

    2608-94-0x0000000000400000-0x000000000043E000-memory.dmp

  • Size

    248KB

  • MD5

    621b8767ff440a6f6b75a6633e5918e7

  • SHA1

    e98337ba89fa8254a3e44feb59652fd8aef3bc4f

  • SHA256

    8b48be5a929f60d64a207c1fd8e3c42c0ca9adc2659e377e1c5733b26472b164

  • SHA512

    d76bb13d8ef65ba19f6ce6a67dfd819ba53919e94ad5254c7e69854333fcf30354d8662922bb7cd26a8f5b6a91d9640db424f6d91f40abae1b084b566bfc59a6

  • SSDEEP

    3072:dgk82FZ24nvNgcVcSDzL7GPl5t/q3IT6v+OC2lEm6b:dgk82FVvNgcVxDaN7/RT6v3blEm

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

wolfa

C2

77.91.124.55:19071

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2608-94-0x0000000000400000-0x000000000043E000-memory.dmp
    .exe windows:4 windows x86

