General

  • Target: 1540-1075-0x0000000000050000-0x000000000008E000-memory.dmp
  • Size: 248KB
  • MD5: 0743a81f73f7aaabb2a2f285ae80f41e
  • SHA1: 0516018d203001b0a78f1100b76d583ed8604dd0
  • SHA256: 28a79ac70b4f6d2e682a16f6181fe96ce87e1165a986cfba81548e3eb04b15ac
  • SHA512: 84f81d6399e9f8c9362d86f4f2e9490b16fafdae8331a039eb9e782fc74c47600d40c6fab71a312afc44a6981082045e4470c7c175277589881b0266c6d57600
  • SSDEEP: 6144:PmSQQNgcPf2iHv0+9JR/xadbzBNFygk5:eHQNgcPf1JROBNFygk5

Score
10/10

Malware Config

Extracted

  • Family: redline
  • Botnet: kinza
  • C2: 77.91.124.86:19084

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • 1540-1075-0x0000000000050000-0x000000000008E000-memory.dmp
    .exe windows:4 windows x86