General

  • Target

    2800-264-0x0000000000100000-0x000000000013E000-memory.dmp

  • Size

    248KB

  • MD5

    e8068f689f98ec21b5af0669e804d525

  • SHA1

    2494ffed6e689f715ec2b829613939f6244d5af6

  • SHA256

    f2860415ab3a0427a95b42ad08a5dc26e87ca0e1be2ea29a63085ab5185d302f

  • SHA512

    43912f7800a7d8a459ec06c3f667e4afa936dbe69ed5e146977b7c2531d6b983e406342ee67a0eed31979c9a30604128677de8105e12c6271622ef247829f54a

  • SSDEEP

    3072:RVyymrtnYNgctkfHrUkFTQmX1DJVt/qqfb2/fluHdOLK:DyymJYNgctwLU21/Rb2/fY9O

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

YT&TEAM CLOUD

C2

185.216.70.238:37515

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2800-264-0x0000000000100000-0x000000000013E000-memory.dmp
    .exe windows:4 windows x86
    Headers

    Sections