General

  • Target

    3736-1203-0x0000000001300000-0x0000000001354000-memory.dmp

  • Size

    336KB

  • MD5

    5c9eeb8855a03e78e2d79de889106ba6

  • SHA1

    cdad628566daa08c5d7ef957b4ee886d5a152662

  • SHA256

    4759d28eac300feedecde6b8dc3158c8e8704c83533ec2b7388101794622d2e7

  • SHA512

    d1de9085dabc8f778999899650fa2e28b106c9824ea71dcd5021dbc71cb8e63e1a18c649fa1df7abc9c1f00cd1e937b5d284474372530f8f055342fa268b0350

  • SSDEEP

    3072:HfkCpXpfxIzbBePckWk6kVYmGmO+7GnTNSCmDILkBaWLkBWwnwb4dTvsu2qj4z+4:WyMBRRjvIxG+zMRqTjD4bL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

ST12

C2

185.172.128.33:38294

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3736-1203-0x0000000001300000-0x0000000001354000-memory.dmp
    .exe windows:4 windows x86 arch:x86

