General

  • Target

    840-603-0x0000000001160000-0x000000000119E000-memory.dmp

  • Size

    248KB

  • MD5

    26ad008b036cc2e5f7062b202efe4eec

  • SHA1

    231dad05b368ff9c4166b1b38c873e5e8ee8e804

  • SHA256

    5584e51deee52bd74b89b3313e68a9ff0695bf14888528e2a285757a7d32c9b5

  • SHA512

    958bf2ba4d965a96d5defa22a5fdbc6e1a669552c6e0ffe95ae142a1184526a3224b8368bc7b2605e8bcf8a42cbd0ffbb6330137850ccba87ce00256b9658f46

  • SSDEEP

    3072:fVyymrtnYNgctkfHrUkFTQmX1DJVt/qqfb2/fluHdOLZ:dyymJYNgctwLU21/Rb2/fY9O

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

YT&TEAM CLOUD

C2

185.216.70.238:37515

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 840-603-0x0000000001160000-0x000000000119E000-memory.dmp
    .exe windows:4 windows x86