General

  • Target

    4588-894-0x00000000001B0000-0x00000000001EE000-memory.dmp

  • Size

    248KB

  • MD5

    6cc56554fa648338ed99238088034be2

  • SHA1

    6d2ec03f97a8ff5910b13308e9a3feb72566513e

  • SHA256

    065d7310bd9540a519b9e57bfbdc9c74bd82117a5dc7c5412b3ce50a022ee195

  • SHA512

    955ec19a71f7256ef9ed21a0a1444913a65b6fca3a44bc32ac12b4aff853de2500b8532def13cd3cff546255a7bdd845149af376433bec494fbb36fb429c033a

  • SSDEEP

    3072:6yng4InXNgcy9Wy3aPGcntCTt/qhGFlvDYLXZiTtz6:7g/XNgcWr3aPu/5FlvDYLpqt

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

194.169.175.235:42691
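The General and Malware Config sections above are only useful if they agree with the dump they describe. The following is an added example (my own code, not output of the sandbox or any tool named on the page) that parses the target name into PID and address range, checks that the range matches the reported 248KB, computes the same digest set the report lists, and searches a buffer for the extracted C2 and botnet tag. The dump itself is not on the page, so the buffer is a constructed stand-in; the regex field names and the assumption that RedLine's .NET string literals sit in memory as UTF-16LE are mine.

```python
import hashlib
import re

# Values copied from the report above. The dump itself is not on the page, so a
# constructed stand-in buffer is used below to exercise the indicator search.
TARGET = "4588-894-0x00000000001B0000-0x00000000001EE000-memory.dmp"
REPORTED_SIZE_KB = 248
C2 = "194.169.175.235:42691"
BOTNET = "@ytlogsbot"

# <pid>-<n>-0x<start>-0x<end>-memory.dmp. The second field's meaning is not
# stated in the report, so it is carried through as "seq" without interpretation.
NAME_RE = re.compile(
    r"^(?P<pid>\d+)-(?P<seq>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)


def parse_dump_name(name):
    """Split a sandbox memory-dump name into pid, seq, start, end and region size."""
    m = NAME_RE.match(name)
    if not m:
        raise ValueError(f"unrecognised dump name: {name}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError("region end must lie above region start")
    return {"pid": int(m["pid"]), "seq": int(m["seq"]),
            "start": start, "end": end, "size": end - start}


def size_matches_report(name, reported_kb):
    """The report rounds the size to whole KiB; check it against the address range."""
    return round(parse_dump_name(name)["size"] / 1024) == reported_kb


def hashes(data):
    """Same digest set as the report (ssdeep needs a third-party module, so it is left out)."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def indicator_offsets(dump, value):
    """All (encoding, offset) hits for a config value, searched as ASCII and UTF-16LE.

    Assumption: RedLine is a .NET stealer, so its string literals sit in memory as
    UTF-16LE and a pure-ASCII search would miss the C2 entirely.
    """
    hits = []
    for enc in ("ascii", "utf-16-le"):
        needle = value.encode(enc)
        pos = dump.find(needle)
        while pos != -1:
            hits.append((enc, pos))
            pos = dump.find(needle, pos + 1)
    return hits


# Constructed stand-in for the dump: zero padding with the C2 embedded as UTF-16LE
# and the botnet tag as ASCII, so both search paths are exercised.
SAMPLE_DUMP = (b"\x00" * 64 + C2.encode("utf-16-le")
               + b"\x00" * 32 + BOTNET.encode("ascii") + b"\x00" * 16)


def validate(name, reported_kb, dump, indicators):
    """Cross-check the report's target/size fields and confirm each indicator is in the dump."""
    return {
        "target": parse_dump_name(name),
        "size_ok": size_matches_report(name, reported_kb),
        "hashes": hashes(dump),
        "indicators": {v: indicator_offsets(dump, v) for v in indicators},
    }


if __name__ == "__main__":
    result = validate(TARGET, REPORTED_SIZE_KB, SAMPLE_DUMP, [C2, BOTNET])
    print(result["target"], "size matches report:", result["size_ok"])
    for value, hits in result["indicators"].items():
        print(value, hits or "NOT FOUND")
```

Run against the real dump, `validate` should reproduce the four digests listed under General; 0x1EE000 - 0x1B0000 is 0x3E000 bytes, which is exactly 248 KiB, so the size line is consistent with the name. An indicator that is found only as ASCII in a .NET dump is worth a second look, since that is where a decoy string rather than the live config would usually appear.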

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
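The "Unsigned PE" signature keys on the Authenticode certificate table (data directory index 4) having zero size. Here is an added example (my own code, not the sandbox's rule) that reads the machine field, the optional-header version fields and that directory from raw PE bytes, run against a constructed header-only PE32 in both its unsigned and "signed" forms. The builder, its field values and the mapping of machine codes to names are mine; whether the report's "windows:4" tag comes from MajorOperatingSystemVersion or MajorSubsystemVersion is not stated on the page, so both are returned without interpretation.

```python
import struct

MACHINE_NAMES = {0x14C: "x86", 0x8664: "x64", 0x1C0: "ARM", 0xAA64: "ARM64"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # index of the Authenticode certificate table


def pe_info(data):
    """Read machine, optional-header versions and the certificate table from a PE image.

    The security directory holds a file offset and size of the WIN_CERTIFICATE blob;
    size == 0 is what an "Unsigned PE" finding keys on. A non-zero size only proves a
    blob is attached, not that the signature verifies or that the chain is trusted.
    """
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, _nsect, _ts, _sym, _nsym, opt_size, _chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if opt + opt_size > len(data):
        raise ValueError("truncated optional header")
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: data directories start at optional-header offset 96
        dirs = opt + 96
    elif magic == 0x20B:    # PE32+: 112
        dirs = opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    # The version fields sit at the same offsets in PE32 and PE32+.
    major_os, minor_os = struct.unpack_from("<HH", data, opt + 40)
    major_ss, minor_ss = struct.unpack_from("<HH", data, opt + 48)
    n_dirs = struct.unpack_from("<I", data, dirs - 4)[0]   # NumberOfRvaAndSizes
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        cert_off, cert_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    else:
        cert_off, cert_size = 0, 0
    return {
        "machine": MACHINE_NAMES.get(machine, f"{machine:#x}"),
        "format": "PE32" if magic == 0x10B else "PE32+",
        "os_version": (major_os, minor_os),
        "subsystem_version": (major_ss, minor_ss),
        "cert_table": (cert_off, cert_size),
        "unsigned": cert_size == 0,
    }


def build_minimal_pe32(machine=0x14C, signed=False):
    """Constructed header-only PE32 for the demo (no sections, so it will not load)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                            # e_lfanew
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, 224, 0x0102)  # 224 = PE32 optional header size
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                              # PE32 magic
    struct.pack_into("<HH", opt, 40, 4, 0)                             # MajorOperatingSystemVersion 4.0
    struct.pack_into("<HH", opt, 48, 4, 0)                             # MajorSubsystemVersion 4.0
    struct.pack_into("<H", opt, 68, 2)                                 # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<I", opt, 92, 16)                                # NumberOfRvaAndSizes
    if signed:
        # Pretend a certificate blob is attached (offset/size only; no real signature).
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    for label, blob in (("unsigned", build_minimal_pe32()), ("signed", build_minimal_pe32(signed=True))):
        print(label, pe_info(blob))
```

Two caveats when applying this to a memory dump rather than a file on disk: the carved region only starts with an MZ header if it begins at the image base, and the finding describes the dumped image, not the dropper that started the process, which is a separate artefact with its own signature state.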

Files

  • 4588-894-0x00000000001B0000-0x00000000001EE000-memory.dmp
    .exe windows:4 windows x86

