General

  • Target

    1936-257-0x0000000001170000-0x00000000011AE000-memory.dmp

  • Size

    248KB

  • MD5

    5e39f86ae8ccdeee443fa506177abe29

  • SHA1

    9cbef03100c25e7ab65e5826ca2b480e7caeed17

  • SHA256

    a050a3f54e427633ab9bca325832883d62eeccfd45db30ef0f26dd461c813242

  • SHA512

    2daf007b850e97b1348e4f95815f442b09be0303ed9f706e83c322f653f62121ed71a8207c32ff3fea3a2c552dd29435c91b70bba18a4fb2ea3eb9d38ce7739a

  • SSDEEP

    3072:BVyymrtnYNgctkfHrUkFTQmX1DJVt/qqfb2/fluHdOLC:TyymJYNgctwLU21/Rb2/fY9O

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

YT&TEAM CLOUD

C2

185.216.70.238:37515

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
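The "Unsigned PE" signature above fires when the image's optional header carries no security data directory entry, which is where Windows records the offset and size of an appended Authenticode (WIN_CERTIFICATE) blob. The following Python is an added example, not the sandbox's own detection code, that performs the same check by parsing the PE headers directly and also computes the digest set listed under General. The PE images it runs on are constructed stubs, not the reported dump, and `build_stub_pe`, `security_directory`, `is_unsigned` and `digests` are names chosen for this illustration.

```python
"""Detect a missing Authenticode signature from the PE data directories.

Added illustration for this report, not the sandbox's signature logic.
All PE bytes below are constructed in memory; nothing here touches the
reported memory dump.
"""
import hashlib
import struct

IMAGE_DOS_SIGNATURE = b"MZ"
IMAGE_NT_SIGNATURE = b"PE\0\0"
PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B
SECURITY_DIR_INDEX = 4          # IMAGE_DIRECTORY_ENTRY_SECURITY
COFF_HEADER_LEN = 20


def security_directory(data: bytes):
    """Return (file_offset, size) of the certificate table, or None if absent.

    Note the security entry holds a file offset, not an RVA, and the
    certificate table sits after the last section, so a dumped process
    image normally lacks it even when the on-disk file was signed.
    Raises ValueError for input that is not a PE image.
    """
    if len(data) < 0x40 or data[:2] != IMAGE_DOS_SIGNATURE:
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != IMAGE_NT_SIGNATURE:
        raise ValueError("PE signature not found at e_lfanew")
    opt = e_lfanew + 4 + COFF_HEADER_LEN
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        num_dirs_off, dirs_off = opt + 92, opt + 96
    elif magic == PE32PLUS_MAGIC:
        num_dirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    num_dirs = struct.unpack_from("<I", data, num_dirs_off)[0]
    if num_dirs <= SECURITY_DIR_INDEX:
        return None                     # header too short to even hold the entry
    offset, size = struct.unpack_from("<II", data, dirs_off + SECURITY_DIR_INDEX * 8)
    if offset == 0 or size == 0:
        return None
    return offset, size


def is_unsigned(data: bytes) -> bool:
    """True when the image carries no Authenticode certificate table."""
    return security_directory(data) is None


def digests(data: bytes) -> dict:
    """The same hash set the report lists under General (ssdeep omitted)."""
    return {
        name: hashlib.new(name, data).hexdigest()
        for name in ("md5", "sha1", "sha256", "sha512")
    }


def build_stub_pe(signature_size: int = 0) -> bytes:
    """Construct a minimal PE32 header-only image for testing.

    With signature_size > 0 a dummy WIN_CERTIFICATE is appended and the
    security directory is pointed at it, mimicking a signed binary.
    """
    dos = bytearray(0x40)
    dos[:2] = IMAGE_DOS_SIGNATURE
    struct.pack_into("<I", dos, 0x3C, 0x40)             # e_lfanew
    # Machine=i386, 0 sections, SizeOfOptionalHeader=224, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)                 # NumberOfRvaAndSizes
    header_len = 0x40 + 4 + COFF_HEADER_LEN + 224       # 312 bytes
    cert = b""
    if signature_size:
        # WIN_CERTIFICATE: dwLength, wRevision 0x0200, wCertificateType 0x0002 (PKCS#7)
        cert = struct.pack("<IHH", signature_size, 0x0200, 0x0002)
        cert += b"\0" * (signature_size - 8)
        struct.pack_into("<II", opt, 96 + SECURITY_DIR_INDEX * 8, header_len, signature_size)
    return bytes(dos) + IMAGE_NT_SIGNATURE + coff + bytes(opt) + cert


if __name__ == "__main__":
    for label, blob in (("unsigned stub", build_stub_pe()), ("signed stub", build_stub_pe(64))):
        print(label, "unsigned" if is_unsigned(blob) else security_directory(blob), digests(blob)["sha256"])
```

Because the security directory points at a file offset past the mapped sections, run this check against the on-disk dropper rather than a memory dump like the one reported here; on a dump, an absent certificate table is expected and says nothing about whether the original file was signed.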

Files

  • 1936-257-0x0000000001170000-0x00000000011AE000-memory.dmp
    .exe windows:4 windows x86
    Headers

    Sections