Overview

overview

10

Static

static

10

2404-788-0...ry.exe

windows7-x64

2404-788-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2404-788-0x0000000000B70000-0x0000000000BAE000-memory.dmp

  • Size

    248KB

  • MD5

    e66073ef2f86735a51825bc5b503a74c

  • SHA1

    04ef37e05cad391e7e4dda25e407f449c4722665

  • SHA256

    6a447ad1fc67324dfea855b0c3dfa369462021d7b4b3172743de421d5e46e677

  • SHA512

    66c90f8e2bfe14b508e483d9f1317d441a189ab16355b045a394ddae18b9c86c18fb42eebdd136b45452731d0842ec1ee8a83632a76bed26c79442bd86bc9fde

  • SSDEEP

    3072:FihvLpYnXNgc+jZ44OLqNaKe/Gbt/q6ubZovTqpwUybFhye:F+lYXNgc+144OLquOZ/CZovTqHybFh

Score
10/10
gromeredline

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2404-788-0x0000000000B70000-0x0000000000BAE000-memory.dmp
    .exe windows:4 windows x86


    Headers

    Sections