General

  • Target

    5276-970-0x00000000001C0000-0x00000000001DE000-memory.dmp

  • Size

    120KB

  • MD5

    6d4ca797eec18e85afc3bc8ba7a2c158

  • SHA1

    60a38a8764b0791092161c672183026fbc6fd044

  • SHA256

    78e87288d71d3ea9a9b2f34cdd3041f5272eb0dee97dfde716ef4f4f1d4e7c38

  • SHA512

    a0ca3b76acd7620f548c8146145fa8da36b96b1f8af8904a3a28b434ff25a2ceff782375eaba6954f61a67eb6ce7f7c5d305fbfd94b7a776a77c774b8616e523

  • SSDEEP

    3072:u3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVRI:ueGKDRAX1

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

5141679758_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5276-970-0x00000000001C0000-0x00000000001DE000-memory.dmp
    .exe windows:4 windows x86

