General

  • Target: 1404-11-0x0000000000400000-0x0000000000452000-memory.dmp
  • Size: 328KB
  • MD5: d69f502d72dd01e7bf1f91cb6719b824
  • SHA1: 8914a4b9545e7cb8d776dc04f0f79d2da6a971bf
  • SHA256: 1c3ff2cca5de266cd0efc78e11acdbd0d665c75636b4c7b8b514b1bea0eced66
  • SHA512: d5d7542fb3c6a8ef199bd7d0a4a600a6ab3bf470f1c768573c08cc99df2abed46c165cd179a01bab5c89bbaae69eda18a55f9682139295b2b3a894f977c6dfc6
  • SSDEEP: 3072:T2hL4bYLQHhrlL+brrNvsEOacCK9sEdYYX0nVlmoYKxLsRqAgkVMRqT6Dv/YCeq2:SbbrTcCWYYYmo1xLsoAXVMRqT6D4QL

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (Telegram: @logsdillabot)
  • C2: 195.20.16.188:20749

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1404-11-0x0000000000400000-0x0000000000452000-memory.dmp
    .exe windows:4 windows x86 arch:x86