General

  • Target

    2040-285-0x0000000000360000-0x000000000039E000-memory.dmp

  • Size

    248KB

  • MD5

    5436ed11e79e47b9920e7cfbe73aed6b

  • SHA1

    bd0c4bb315b2e435d2a80c3a802b011492b4d252

  • SHA256

    3edd2362c12fc9121a926ad8583b3eaf27ce63031d93eaffb6346a306a06b918

  • SHA512

    c4897ae556681217eae33aa07000cc7b43372afd0deb8db38afd7ccaa6f1148da49519b84c1d563cc998e1acc6892899edaf4b3c0ff6ae4050a4ca02ea8cfdfd

  • SSDEEP

    3072:MihvLpYnXNgc+jZ44OLqNaKe/Gbt/q6ubZovTqpwUybFhyJ:M+lYXNgc+144OLquOZ/CZovTqHybFh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
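The "Unsigned PE" signature above is a header check, not a cryptographic one: a PE carries its Authenticode blob in the certificate table, which is data directory entry 4 (IMAGE_DIRECTORY_ENTRY_SECURITY) of the optional header, and a zero-size entry means there is nothing to verify. The following is an added example, not the sandbox's own signature logic and not code from the analysed sample; it parses the PE headers with the Python standard library only, using the field offsets from the PE/COFF specification, and runs against two constructed header-only PE32 buffers so it works offline. One caveat it makes explicit for a memory dump like the target above: the certificate table is the one directory whose first field is a raw file offset rather than an RVA, so in a dump a non-zero entry only says the binary claims a signature; the certificate bytes are normally not mapped and must be verified against the on-disk file.

```python
"""Check a PE image (file or header-bearing memory dump) for an
Authenticode certificate table, using only the standard library."""
import struct
import sys

# Constants from the PE/COFF specification
IMAGE_DOS_SIGNATURE = 0x5A4D          # "MZ"
IMAGE_NT_SIGNATURE = 0x00004550       # "PE\0\0"
IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_FILE_MACHINE_AMD64 = 0x8664
PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B
IMAGE_DIRECTORY_ENTRY_SECURITY = 4    # certificate table (Authenticode)
MACHINE_NAMES = {IMAGE_FILE_MACHINE_I386: "x86", IMAGE_FILE_MACHINE_AMD64: "x64"}


def looks_like_pe(data: bytes) -> bool:
    """True if the buffer starts with MZ and e_lfanew points at "PE\\0\\0"."""
    if len(data) < 0x40 or struct.unpack_from("<H", data, 0)[0] != IMAGE_DOS_SIGNATURE:
        return False
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    return (e_lfanew + 4 <= len(data)
            and struct.unpack_from("<I", data, e_lfanew)[0] == IMAGE_NT_SIGNATURE)


def inspect_pe(data: bytes) -> dict:
    """Parse COFF + optional header and report the security data directory."""
    if not looks_like_pe(data):
        raise ValueError("not a PE image: missing MZ/PE signatures")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    coff = e_lfanew + 4
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    machine, _, _, _, _, _, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        dd_start = opt + 96       # data directories follow NumberOfRvaAndSizes at +92
    elif magic == PE32PLUS_MAGIC:
        dd_start = opt + 112      # 64-bit ImageBase and stack/heap fields shift it by 16
    else:
        raise ValueError(f"unknown optional header magic 0x{magic:x}")
    num_dirs = struct.unpack_from("<I", data, dd_start - 4)[0]
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = 0, 0  # image declares fewer directories: no cert table
    else:
        sec_off, sec_size = struct.unpack_from(
            "<II", data, dd_start + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    return {
        "machine": MACHINE_NAMES.get(machine, f"0x{machine:04x}"),
        "pe32plus": magic == PE32PLUS_MAGIC,
        "security_offset": sec_off,      # a FILE offset, not an RVA
        "security_size": sec_size,
        "has_authenticode": sec_size != 0,
        # Are the certificate bytes actually inside this buffer? Usually not for a dump.
        "certificate_in_buffer": sec_size != 0 and sec_off + sec_size <= len(data),
    }


def build_minimal_pe32(security_offset: int = 0, security_size: int = 0) -> bytes:
    """Constructed sample: a headers-only x86 PE32 (not a real or runnable binary)."""
    dos = bytearray(64)
    struct.pack_into("<H", dos, 0, IMAGE_DOS_SIGNATURE)
    struct.pack_into("<I", dos, 0x3C, 64)                     # e_lfanew
    num_dirs = 16
    opt_size = 96 + 8 * num_dirs
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, 0, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, num_dirs)                 # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     security_offset, security_size)
    return bytes(dos) + struct.pack("<I", IMAGE_NT_SIGNATURE) + coff + bytes(opt)


if __name__ == "__main__":
    if len(sys.argv) > 1:                                     # e.g. a *-memory.dmp path
        with open(sys.argv[1], "rb") as fh:
            print(inspect_pe(fh.read()))
    else:
        print("unsigned:", inspect_pe(build_minimal_pe32()))
        print("claims signature:", inspect_pe(build_minimal_pe32(0x400, 0x1000)))
```

Run it with the dump path as the only argument; `has_authenticode: False` is the condition the sandbox signature fires on. When it reports `has_authenticode: True` but `certificate_in_buffer: False`, you are looking at a dump and need the original file (or a tool such as signtool/osslsigncode on it) before concluding anything about the signature's validity.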

Files

  • 2040-285-0x0000000000360000-0x000000000039E000-memory.dmp

    .exe windows:4 windows x86