General

  • Target

    2984-7-0x00000000001A0000-0x00000000001DC000-memory.dmp

  • Size

    240KB

  • MD5

    300b87ae0908b02cfe0824c4cc7ba662

  • SHA1

    2296f0bd998a156f35ce9fbb47aac1ff048a5cda

  • SHA256

    1afa2b21f4feafb27c0f7ce2c1e7e58e12c243c2ad8491f3fcd72bd10d22a174

  • SHA512

    1b22a7541f0926e53dd60b3012adaa293a212ec341784419aa3544ee362e4c277b4e60c9f9824174633b095efaf0c2716f5079241fcb77f99a18d891fb5b763e

  • SSDEEP

    3072:wuZa317iNgcyvDk1+rEn0apuKmsvIbPuh+UOXkRSdlzySwwesNKSc:wOe17iNgcGZrEn/vIk7OU0TzySxtQ

Score
10/10

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @CRONCLOUD

  • C2

    195.10.205.17:8122

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • 2984-7-0x00000000001A0000-0x00000000001DC000-memory.dmp
    .exe windows:4 windows x86
