General

  • Target

    2612-12-0x0000000000160000-0x000000000019C000-memory.dmp

  • Size

    240KB

  • MD5

    d6172f95de3db1533dbc2391a7dfc68a

  • SHA1

    4825337a123233fb32925afd7ff7e4fb583da46f

  • SHA256

    92a1eba0eeacc2d5d36c915e3a3bb22b944ed19c294a1b417e1ed6b8e4031b75

  • SHA512

    c52f61f754c038e560c3cf81e4ffe90acf10fc6f5ebd7e3a5cbfdcded4ba30b674623466c26614ddc66b083498f874e2ce2aa82879a12e511ebb3ac9b2dd10f4

  • SSDEEP

    6144:9C4gdz070NgcoTrFzO2DzzzzzzHLzzzzzzzrzzzzzzzzzzzzzDzzzzzzL7z30yfE:5O5NgcoTrp9LrorsI

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

77.105.132.87:6731

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2612-12-0x0000000000160000-0x000000000019C000-memory.dmp
    .exe windows:4 windows x86 arch:x86

