General

  • Target

    1952-248-0x0000000001360000-0x000000000139E000-memory.dmp

  • Size

    248KB

  • MD5

    5307fd045f6edc6c4ed2a6fe05e56938

  • SHA1

    fb05fcb15fe74c97ce3982a866ac7f2e0545e232

  • SHA256

    850cbeffbfff821df2bc5818d72a4e7ee9bc2a100417a53bb4717b1979efa824

  • SHA512

    643730992e4253b086d5c15b6c7a613755e408f3c74c21d42c2f5e1ac43390de1e1b30ac25583214ceb18562e35e33c1b906893978d15509ea47410be1f47c00

  • SSDEEP

    3072:0jJsVUnYNgcDTrB2Sr1DDfNt/qOWGkHCfbLCdrUd2g:0jJsSYNgcDn4SZDzH/oGkHCDL2rUd

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kinder

C2

109.107.182.133:19084

Signatures

  • RedLine payload (1 IoCs)
  • Redline family
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • 1952-248-0x0000000001360000-0x000000000139E000-memory.dmp
    .exe windows:4 windows x86

