Overview

overview

10

Static

static

10

1968-176-0...ry.exe

windows7-x64

1968-176-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1968-176-0x0000000000200000-0x000000000023C000-memory.dmp

  • Size

    240KB

  • MD5

    571a2166dea6bc7be0f7251b010f25a8

  • SHA1

    ebfb5673f24711d57b77cb9d0dc01edc92b06613

  • SHA256

    ae99f5139ffe6f419fda5f12dbd91d7dcf0ceaa7b9c57491c5b7a1d54387f1d4

  • SHA512

    3e2f010a4737224987b7e5d6587637f0236fc6817e38bc4a15004d8fb8bbdbaa4802b241d1ac4c2ca795e307a33870571b775d791941efb833d151939f3620c7

  • SSDEEP

    6144:7C4gdz070NgcoTrFzO2DzzzzzzHLzzzzzzzrzzzzzzzzzzzzzDzzzzzzL7z30yfE:PO5NgcoTrp9LrorsI

Score
10/10
livetrafficredline

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

77.105.132.87:6731

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1968-176-0x0000000000200000-0x000000000023C000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections