General

  • Target

    2040-0-0x00000000002C0000-0x00000000002FE000-memory.dmp

  • Size

    248KB

  • MD5

    557a00fbd70c0530d56de4e504c0ed4e

  • SHA1

    a7c779f79ade2ef5d9bb96b6a5632a2383f42367

  • SHA256

    437a020a587bb59478d741c0411ba68c55f7fc332b99585d63c162f172d76f93

  • SHA512

    1884496b41628f1e43796b117b7346dcdddd4c7b11c55544d43e4518e91d83fb82f33f124ac9e01804da6a7a1981c7fe9145d6031182a4c2f798e5c9b2f0a8d4

  • SSDEEP

    3072:fTuGoWl7qnENgct8GYU311pWevF0t/qWz7r0kbpCTDyLy:ruGJleENgcS1I1a2FS/Z7r0UMTDy

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@oleh_ps

C2

194.169.175.235:42691

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2040-0-0x00000000002C0000-0x00000000002FE000-memory.dmp
    .exe windows:4 windows x86 arch:x86