General

  • Target

    848-120-0x0000000000400000-0x0000000000454000-memory.dmp

  • Size

    336KB

  • MD5

    b0ebe491cee6d204e8d2f924f7f4f6d7

  • SHA1

    d98ef5a970762cb818dd0452e1180adba9faefa5

  • SHA256

    79339d49c197a4de8d2a4553b8f43832a5786ab459749c6754015c94bc3efd9f

  • SHA512

    03d9d7bfa697b15d4249abb6dc99bed6b84cb799ee76b8ced90410b698f2339d1e4b899b34293ea4c7d19268eff6c09522f827b8e60ba1ace97d0ef5b41ad8b9

  • SSDEEP

    3072:nA0N6BuP+zljNDc0ib8fy+8DCeynEkcxOWFiMRqfjDv/YkeqiOL2bBOb:7tglyjb8KH5xOJMRqfjD4KL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

YT&TEAM CLOUD

C2

185.172.128.33:8924

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 848-120-0x0000000000400000-0x0000000000454000-memory.dmp
    .exe windows:4 windows x86 arch:x86