General

  • Target

    2764-140-0x0000000001280000-0x00000000012D4000-memory.dmp

  • Size

    336KB

  • MD5

    abe8a1b9c7a18bc9f53d6c3e435ac266

  • SHA1

    b5307788db1a317b767b277fe8f630106d7d46a6

  • SHA256

    15ae37cc227cd2cd2677a6726dda34ceccf12a150a49db6a39bfe6ac49c88d28

  • SHA512

    05bbaf8818faa9037070334fc52251a8414a43170d02df6e16cf6c24b658649bd904f21b0f19e1b05be3c406e27eba0d64f159f926b28fed29cd40824cebd0bf

  • SSDEEP

    3072:XfkCpXpfxIzbBePckWk6kVYmGmO+7GnTNSC3gILkBaWLkBWkrk34dTvs+2qj4j+i:mRg3BPxaUq7zMRqTjD4DL

Score
10/10

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @Pixelscloud

  • C2

    94.156.66.203:13781

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2764-140-0x0000000001280000-0x00000000012D4000-memory.dmp
    .exe windows:4 windows x86 arch:x86

