General

  • Target

    7164-1227-0x0000000000B50000-0x0000000000B8E000-memory.dmp

  • Size

    248KB

  • MD5

    7cc00dfd45fec10d893f4e13ffe0a33f

  • SHA1

    456e55b749eb8fe10e72ab15a378354f8699fe2f

  • SHA256

    d4d2bd18ff2fef444bbb2bdf16a025927b732a4934ea08acdb6fd56557e57596

  • SHA512

    9ee1eb955a8084a4adccba106d494264368c77c7fdfb3be075ba86116d4684fc1c9f2b8b10e0225cba26eeaa1f5bdacf1c3e7a1521217ccc2203ab6b35f5a637

  • SSDEEP

    3072:oyng4InXNgcy9Wy3aPGcntCTt/qhGFlvDYLXZiTtzM:xg/XNgcWr3aPu/5FlvDYLpqt

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

194.169.175.235:42691

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 7164-1227-0x0000000000B50000-0x0000000000B8E000-memory.dmp
    .exe windows:4 windows x86

    Headers

    Sections