General

  • Target

    2824-125-0x00000000001F0000-0x000000000022C000-memory.dmp

  • Size

    240KB

  • MD5

    9c1284a864b1d9be54c4606d1c72d519

  • SHA1

    4ff33268ad174350ab1332843e6a6a41fb822bea

  • SHA256

    b260b7369046ef2e9809763f652bf60c711a68386fce35fc5af4047e8158500e

  • SHA512

    11ad41415bce6da150e373aecd64cdf5a3e9ddab94445a08b345ada380d732cb92e88f20d49ed5bce0e420f81827c3043c12e6cae4b1b6ecdf674fe3705c7dc0

  • SSDEEP

    6144:KC4gdz070NgcoTrFzO2DzzzzzzHLzzzzzzzrzzzzzzzzzzzzzDzzzzzzL7z30yfE:4O5NgcoTrp9LrorsI

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

77.105.132.87:6731

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2824-125-0x00000000001F0000-0x000000000022C000-memory.dmp
    .exe windows:4 windows x86 arch:x86