General

  • Target

    1944-12-0x0000000000080000-0x00000000000BC000-memory.dmp

  • Size

    240KB

  • MD5

    10db8a10258579e375868df7a75ac0f0

  • SHA1

    7db945dcf7e9ee804ca1b186f2c1a6b5fd3cbdc1

  • SHA256

    e5d6b9eeec6c058b978045c095fd086ff1131dbdbfe0764d247d6ec6bb7280a8

  • SHA512

    5829ad96bf25fce177b30a43e35dd1bc7d82464c0805c18f00176625705d849c99c49c5cf40b4706b698224c6d1e7c5a67bf115c3c352959d2d11eb578fd38ba

  • SSDEEP

    6144:4C4gdz070NgcoTrFzO2DzzzzzzHLzzzzzzzrzzzzzzzzzzzzzDzzzzzzL7z30yfE:eO5NgcoTrp9LrorsI

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

77.105.132.87:6731

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1944-12-0x0000000000080000-0x00000000000BC000-memory.dmp
    .exe windows:4 windows x86 arch:x86

