General

  • Target

    1704-874-0x0000000000BF0000-0x0000000000C2E000-memory.dmp

  • Size

    248KB

  • MD5

    01f93f7265e2c59b74af5ff07c990464

  • SHA1

    d25f9f4dd028b434649c67d9d8e4490428bbabb4

  • SHA256

    cdf021b59faf1cae5c7d9d691bd3912abc885587e2694c194a265ad13aaec91e

  • SHA512

    7a261d778cb0f4ff111c559ae719a21d8d067ff6df456ccc001276f9d142598e577e41362331fa51072bdcfbfc4e6c917ed2ae963507febebfa7df6c2a2b1684

  • SSDEEP

    6144:kmSQQNgcPf2iHv0+9JR/xadbzBNFygk5:jHQNgcPf1JROBNFygk5

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kinza

C2

77.91.124.86:19084

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1704-874-0x0000000000BF0000-0x0000000000C2E000-memory.dmp
    .exe windows:4 windows x86

