General

  • Target

    1992-6-0x0000000000080000-0x00000000000BC000-memory.dmp

  • Size

    240KB

  • MD5

    260e6d4e8c3020e6eafd2df261861050

  • SHA1

    042a9a2dee5a36916d310d61705b9f7573fc1071

  • SHA256

    41689f8ca2b25cae50031a92a01ee0fffc5da9760bedb08e50248678c9e61df3

  • SHA512

    eea2f5003d4553640827699241a205f388577b8bfee04b320eae070712f0ff787b395f4a288a3a1502ba23802c8a7316222150f90975c9c1f28624c7a7203f80

  • SSDEEP

    3072:l72pP/78NgclYbmxrjboC9NRSdxDISQweuIDcjOT8KSw:lyt/78NgcmirjbX0XDISRtIDcjOTX

Score
10/10

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @CRONCLOUD

  • C2

    195.10.205.17:8122

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1992-6-0x0000000000080000-0x00000000000BC000-memory.dmp
    .exe windows:4 windows x86

