General

  • Target

    5700-1110-0x00000000001C0000-0x00000000001FE000-memory.dmp

  • Size

    248KB

  • MD5

    b328a44355aaf1d459a207b941eb964e

  • SHA1

    2a7cc2f46f2f174fb625296f18bf62287da29a0a

  • SHA256

    5df639fb5beb4cbe02b339905babf7c536c7c2a238d7d4853297dea4daa14cb3

  • SHA512

    2db10074bbd0cde8c538fc4b6a6b4c3bd4c75b43733568d91035012db25faf15ae913f16c7efe9b4cf607032ecf803eef2363daee035c80bec635fa8347d1d78

  • SSDEEP

    3072:N9ng4InXNgcy9Wy3aPGcntCTt/qhGFlvDYLXZiTtzv:7g/XNgcWr3aPu/5FlvDYLpqt

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

194.169.175.235:42691

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5700-1110-0x00000000001C0000-0x00000000001FE000-memory.dmp
    .exe windows:4 windows x86 arch:x86
