General

  • Target

    2068-2372-0x0000000000790000-0x00000000007CC000-memory.dmp

  • Size

    240KB

  • MD5

    a5e31a7d05301dc1aae7641a2a9be4d2

  • SHA1

    64a6c219e2488271737545e4dd2f18482a75afc5

  • SHA256

    70d441ff3a59d03b7db639cb242fe72e7c4c229d23c9c7fbc9b345bf971d7788

  • SHA512

    cdebb4ada441c2aa1329d32f9b28d80ed00d682b6df8c90ad5216a78f0755746ef452719940d22615d93f30c2bc04ee172a482361445499b080173cd3cc1e1a2

  • SSDEEP

    3072:voreQfv7oNgcz31oPrSnZwNRwluWRSdtw1SIwJPdqvKS9:voKiv7oNgczCPrIMyT0nw1SZBdqC

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

77.105.132.87:17066

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2068-2372-0x0000000000790000-0x00000000007CC000-memory.dmp
    .exe windows:4 windows x86 arch:x86

