General

  • Target

    4120-1195-0x0000000000D50000-0x0000000000DA4000-memory.dmp

  • Size

    336KB

  • MD5

    1305298c9d7c253fe873eae238a01bf2

  • SHA1

    a8d2ca3ad8200bd01a251c72cc16088f208091e4

  • SHA256

    fa32c540c1623532fac9292b488c21c536ccd2605071aaf14004cb539bfc85cb

  • SHA512

    6bce3c72e3a5ec9456c6a1c4bba012efd95089b66923e5cb0686f600c31e1e81d8adb0b15c6f85d8936b4faa4ec0749c279ab4015c3bd345e0fa5a5ed8750fb6

  • SSDEEP

    3072:dfkCpXpfxIzbBePckWk6kVYmGmO+7GnTNSCmDILkBaWLkBWwnwb4dTvsu2qj4z+u:syMBRRjvIxG+zMRqTjD4VL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

ST12

C2

185.172.128.33:38294

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4120-1195-0x0000000000D50000-0x0000000000DA4000-memory.dmp
    .exe windows:4 windows x86 arch:x86

