General

  • Target

    2668-144-0x0000000000C10000-0x0000000000C4C000-memory.dmp

  • Size

    240KB

  • MD5

    6565a511ccfd08d404c83aaf4708c85a

  • SHA1

    1142e2d0da9e21a46930dd28724b8adc96c0308e

  • SHA256

    c7df9c5497973d4893c32f3789a698e61beb0bc6d33daecff346109805f94cec

  • SHA512

    84e1318ffcf5492bbd6d7e2c78b24277529639b5894a7b435e46d49dbe9f54522107605b64ead7d30f8a4b7e27052a09942e2fd67b72ae59c09806fe21a387f4

  • SSDEEP

    6144:dZQSq7dNgcFKsrSJkkpj/Ux74c0d01SH0xWSwMPGO:dZQBNgcMsrIjgMcy0xWSwMPGO

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@oleh_ps

C2

176.123.7.190:32927

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • 2668-144-0x0000000000C10000-0x0000000000C4C000-memory.dmp
    .exe windows:4 windows x86 arch:x86