General

  • Target

    1440-595-0x0000000001100000-0x000000000113E000-memory.dmp

  • Size

    248KB

  • MD5

    beec693bae0c6a58b29cbe9e1d7e0b46

  • SHA1

    34b96e8b26abf435ecf0412ebf3153ddf205c5d5

  • SHA256

    c782aeeffa4a188aaa8e65a02232720ff9b9809f0c5c464f1447c1efc8fde040

  • SHA512

    dd45455362570234a7231e6866361e1579eebbcb46eea811f8e4e7d0393be2558be3f76f289b1aff69ab2227facaaf77c7af2dde235c948a04418f21ae57352e

  • SSDEEP

    6144:jmSQQNgcPf2iHv0+9JR/xadbzBNFygk5:qHQNgcPf1JROBNFygk5

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kinza

C2

77.91.124.86:19084

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1440-595-0x0000000001100000-0x000000000113E000-memory.dmp
    .exe windows:4 windows x86

