General

  • Target

    2352-1347-0x0000000000230000-0x0000000000282000-memory.dmp

  • Size

    328KB

  • MD5

    43843901c8a57d76d9a482481e1b541b

  • SHA1

    691b33f1dfe89a15483919d73202d22eab265078

  • SHA256

    57b13c3673157551475aaad37b5b201f7e33dcf677445350d3baa3e7f54454af

  • SHA512

    6434ce874284ae093232e36abf25a939cefefaec3164f1fa336414307b6a2e600c79f005359d617153ea12df096f95524789e0809b9f14eed562ed0dbe0c23ef

  • SSDEEP

    3072:O2GLL3Y8QRrvRLsbMSNXmQogXIdilX+nupxQRmAgkVMRqT6Dv/YReqiOL2bBOU:DobM+eilRxQEAXVMRqT6D4zL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

Legaa

C2

185.172.128.33:38294

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2352-1347-0x0000000000230000-0x0000000000282000-memory.dmp
    .exe windows:4 windows x86 arch:x86

