General

  • Target

    5920-958-0x0000000000400000-0x000000000043C000-memory.dmp

  • Size

    240KB

  • MD5

    86ccb947a2c677c6b255dfc0b0c47f30

  • SHA1

    d3bb9980e37b92867a3e6b36bedb60d90eb3e0fa

  • SHA256

    f6e5dcafd24567d89a23aac474f2258090dda50fcfab21730339e00f89a02159

  • SHA512

    8dfbbec5eba9dce9de943cd1a35a7d373e5ea3ecd8ebd3e501d7cca6a04b3ee675213df6f4e5b107f36304355512243e3af0ec8cdd00a7b6c50611897f4cfebb

  • SSDEEP

    6144:5eYD7WNgcFOrxbh8HQAw0c217LJ2Yhq4:sJNgcFOrhAwaJ2Yhq4

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

LFA

C2

91.92.249.95:7124

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5920-958-0x0000000000400000-0x000000000043C000-memory.dmp
    .exe windows:4 windows x86 arch:x86

