General

  • Target

    6228-547-0x0000000001300000-0x0000000001352000-memory.dmp

  • Size

    328KB

  • MD5

    48119da718b7297ba9aa6125ea718ad3

  • SHA1

    ea63a5ce534ae32dca1b082c80c3ba3cd3abcaee

  • SHA256

    54390c3a3b9bd564313bccb12585bf97479f2c42cf6da10c7d868ea6cc22af59

  • SHA512

    761cd4898a45f7d93b51458ec8ec932e0bfd6d15661b0a6bd2329a91065475cac0f36970918c3e552ddf3b9744fd60371a77677db7e9001714cf37fe9619b77f

  • SSDEEP

    3072:z2GLL3Y8QRrvRLsbMSNXkTS+IIBWmd1XinNzx3hEAgkVMRqT6Dv/YVeqiOL2bBOz:yobMM+tBV1sx3SAXVMRqT6D4/L

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

uniq2

C2

195.20.16.190:38173

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 6228-547-0x0000000001300000-0x0000000001352000-memory.dmp
    .exe windows:4 windows x86 arch:x86

