General

  • Target

    2392-5-0x0000000000C00000-0x0000000000C3C000-memory.dmp

  • Size

    240KB

  • MD5

    0bcef5d30c341552fca9477ffdafc00a

  • SHA1

    75c424d4ea511123d6a2c7f3824bb8bd1d4c7d83

  • SHA256

    4acd4676c712b2358ee0c763af408e735dbfe5240d06d946975a5b66545e1627

  • SHA512

    2ae0f0667ba3d388dca62b9f2b65d4a92e00d81a5b24f493fe502c32a8b075209c0f93fed17f51dafe33c00718e06f17d607e1b0f373be40cb4f8a07763b415b

  • SSDEEP

    6144:EqfF76NgcOSDrtedpSOJ4c0D51SYFnLV:5kNgcO2rQplScaFnLV

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

195.10.205.16:1056

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2392-5-0x0000000000C00000-0x0000000000C3C000-memory.dmp
    .exe windows:4 windows x86 arch:x86

