General

  • Target

    3068-12-0x00000000000F0000-0x000000000012C000-memory.dmp

  • Size

    240KB

  • MD5

    bb808bac58ad72d3aa36dcf0cdc93377

  • SHA1

    7641f76aa911eee297a2c6e0ac3df4f5f7e2b6c8

  • SHA256

    91ccc945c5533c6bab53eab8cdbecdc674a3a9afe1e30a844eb744b6fef94d7d

  • SHA512

    5fd3ec50682407f66b5ee16072ca171443a446cccb7fe856d1186a4dafee41c551bf00163ba42d51c61f913e7e26358b532cd3557ca1401c8bd24cccbbdc218d

  • SSDEEP

    3072:KoreQfv7oNgcz31oPrSnZwNRwluWRSdtw1SIwJPdqvKSX:KoKiv7oNgczCPrIMyT0nw1SZBdqC

Score

10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

77.105.132.87:17066

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3068-12-0x00000000000F0000-0x000000000012C000-memory.dmp
    .exe windows:4 windows x86 arch:x86
