General

  • Target: 6324-1369-0x0000000002BB0000-0x0000000002BEC000-memory.dmp
  • Size: 240KB
  • MD5: 0f057e7bf1b9747ef0f6ac8f5232bec8
  • SHA1: 7163f9202b730e9c2868be2cdf67c62889e5cfdd
  • SHA256: 99a8805b37edbe686be48554564c575cb364ccb328b5118d998a9aebecc5b3d1
  • SHA512: 9ab1ac83618cfe501fe1c1ce3939c683b3bc35b11f52d3dbfa698bf85fac7a132a3470e82c0a9547ed60ccc6d89a079cee4f64722774ac305e83222cf5ff8f92
  • SSDEEP: 3072:JoreQfv7oNgcz31oPrSnZwNRwluWRSdtw1SIwJPdqvKSR:JoKiv7oNgczCPrIMyT0nw1SZBdqC

Score: 10/10

Malware Config (Extracted)

  • Family: redline
  • Botnet: LiveTraffic
  • C2: 77.105.132.87:17066

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 6324-1369-0x0000000002BB0000-0x0000000002BEC000-memory.dmp
    Type: .exe, windows:4, windows x86, arch:x86
