General

  • Target

    3672-604-0x00000000001D0000-0x00000000001EE000-memory.dmp

  • Size

    120KB

  • MD5

    4913a9a29c67f8872bbfcc662b1b9716

  • SHA1

    4ddf13d554c325b2713076d185d937b78b884fab

  • SHA256

    068a4f698197c53279f99b1a7fbb2b3263e762eac2fa86650f1a96192ae2ed21

  • SHA512

    88fe7af9f04925f5ed43c7fbf95ba03d5ac2aebbfce5fc478630544f821a78f6ce261f85b3cdea0045f86197c14ef5e67d6d8135e1c17a0279d1c8bac7e9685d

  • SSDEEP

    3072:x3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVRD:xeGKDRAX1

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

5141679758_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3672-604-0x00000000001D0000-0x00000000001EE000-memory.dmp
    .exe windows:4 windows x86

