Overview

overview

10

Static

static

10

1968-890-0...ry.exe

windows7-x64

1968-890-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1968-890-0x0000000000400000-0x0000000000452000-memory.dmp

  • Size

    328KB

  • MD5

    71fa0d7dee509881277df2c15048d8b9

  • SHA1

    81f64dc7bc813c144ddc5065937b1d30fbab8264

  • SHA256

    cf3c7f6173be7b30fc68bb5bda776cb97e30023996539a3cd1d379c3a5604bbd

  • SHA512

    770ac6d5d0c4c024d776273d959a0a9b0e7b43bacf75b32982e1340030f68dc7000ba566166a4b23e581757e2903eda9ba61c0d6a0a77122c131a7d32cb4b5fb

  • SSDEEP

    3072:ScMhtndFXkjx7y/w+KvqhAcYE2ViJH3Q9DndkXrkTxFsrcadS2gMRqTjDv/YHeqh:dHFE1emrixFycaAXMRqTjD4JL

Score
10/10
livetrafficredline

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

20.79.30.95:33223

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1968-890-0x0000000000400000-0x0000000000452000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections