General

  • Target

    2148-533-0x00000000010F0000-0x000000000112E000-memory.dmp

  • Size

    248KB

  • MD5

    b741adc66ee5cb5d5380491cf719f4e3

  • SHA1

    9de220890d8d6d1e213d105bdde6a955e81aaf3d

  • SHA256

    c3f1eb398c9c966a7e265db3422780b48352531a02e429025151ac94bb9ae435

  • SHA512

    1988a7f43b54fa46e9d109866f20deb666eaa56ab0d34ed72809ee47e1e29d079a7b1cea050e42628dd2b75b8cbb48b0e72ec421ab22188966e3c308e86b91d4

  • SSDEEP

    3072:MihvLpYnXNgc+jZ44OLqNaKe/Gbt/q6ubZovTqpwUybFhyL:M+lYXNgc+144OLquOZ/CZovTqHybFh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2148-533-0x00000000010F0000-0x000000000112E000-memory.dmp
    .exe windows:4 windows x86
