General

  • Target: 2824-41-0x00000000002B0000-0x0000000000302000-memory.dmp
  • Size: 328KB
  • MD5: bb2024f8fae0b8331042c4245d04693a
  • SHA1: 2ca0ea1286d26bc7724ffae8f57780e012981844
  • SHA256: 006decec72f44db5f222c8fc80418aa073672ef4e11ab39e92bd96bcc37b4404
  • SHA512: 1c8ea4375ebf3c5e4b1ad3eb669b82d6b48e9e9e45c0bb63fe32f629a549f8eb0cb0848d30d5a389b43a6065577af787dc0e42d286ab467fc8b7a3e1039d9e2b
  • SSDEEP: 3072:v2uLFrY2QSkHrLkmJiN6aYCJ7YcfDmnsyReXxntFgzxRhdAykPMRqT6Dv/YpeqiK:O0mJojZbmJeNQxR3A9PMRqT6D4rL

Score
10/10

Malware Config

Extracted

  • Family: redline
  • Botnet: LiveTraffic
  • C2: 20.79.30.95:13856

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • 2824-41-0x00000000002B0000-0x0000000000302000-memory.dmp
    .exe windows:4 windows x86 arch:x86
