General

  • Target

    1484-1659-0x00000000001D0000-0x000000000020C000-memory.dmp

  • Size

    240KB

  • MD5

    f61b229fe30c6a2912787bc430f7fdd2

  • SHA1

    daf5ac6931c5191e9283cd67a93beec7f743120d

  • SHA256

    b4e9b2d512f0c3fa0ba93f94cf9fc9480d8b8311baa09af51c8878db17b290cc

  • SHA512

    df0995615ad90b37db1068166922a7fccc0868c5eb29b538e10076b6836d3df739988f8ec6270d5d5290aa16a81345959407f8442b3833fc157ca7945a0c0eb2

  • SSDEEP

    6144:MP+YZ8x7SNgcVYCrx5q2vfO0PX1S+ALFd:MP+YCUNgcVhrCIWuALFd

Score

10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

195.10.205.17:8122

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1484-1659-0x00000000001D0000-0x000000000020C000-memory.dmp
    .exe windows:4 windows x86