General

  • Target

    1952-681-0x00000000010A0000-0x00000000010DE000-memory.dmp

  • Size

    248KB

  • MD5

    e112a8c1028d1206e1c0cb50a3e05d42

  • SHA1

    0994c82450311117e1b4675147ae6d8844c3e415

  • SHA256

    f3cccb2e3afc569b31484245102763014f749c459fae109573c9026c7c42d9ef

  • SHA512

    844247a7f4e2aa64c120b1fba0a90f5f323e2a9af4faa75fc5a3bb10f4e2573dac79bc25e016bb517f3e15cbfd3e597f713ddeb4695813ba86149dc9f4706b20

  • SSDEEP

    6144:PmSQQNgcPf2iHv0+9JR/xadbzBNFygk5:eHQNgcPf1JROBNFygk5

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kinza

C2

77.91.124.86:19084

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1952-681-0x00000000010A0000-0x00000000010DE000-memory.dmp
    .exe windows:4 windows x86

