General

  • Target

    2996-1198-0x00000000011A0000-0x00000000011DE000-memory.dmp

  • Size

    248KB

  • MD5

    6c3ace62610608792a2a4d645de0ef8e

  • SHA1

    10f5e5a73470dc441023f6d9c49e4a0745485731

  • SHA256

    8d913e0f01d8e6d3db2bb5ba17737bdda67e5316fce5f230a20a320460c15f02

  • SHA512

    59636569e0caa871f1af50a2671d1f4ae1099ac8ade6bfe428f72f857836da8c13b5772d640ab4edace315de90794a3e9910272f6f7c8be7a796124c422e7e97

  • SSDEEP

    3072:kjJsVUnYNgcDTrB2Sr1DDfNt/qOWGkHCfbLCdrUd2s:kjJsSYNgcDn4SZDzH/oGkHCDL2rUd

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kinder

C2

109.107.182.133:19084

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2996-1198-0x00000000011A0000-0x00000000011DE000-memory.dmp
    .exe windows:4 windows x86

