General

  • Target

    2028-8-0x0000000000400000-0x0000000000452000-memory.dmp

  • Size

    328KB

  • MD5

    ac2459752b3607d84dfd8911df8bfb54

  • SHA1

    ac7685eb412388b7eae28d2f0f0377fd810a9890

  • SHA256

    1fd8f0599f953d5d327d3b3fae8fe13799b00240e62b64156e6e69361ea1dcb2

  • SHA512

    5aae8b9a69ab235c6a933c04fc72be50aa9d9375b563b3c9628296f2a69bcb506b46a4856e94740bae8119e691a5140f223562fd24c518ab546d3eaa8c573d0d

  • SSDEEP

    3072:d2+Lb3nYcQbSLOLkb5FNqc2S8rdNdAX93nSixuh/AgkVMRqT6Dv/YleqiOL2bBO/:E6b512PBjAtzxuFAXVMRqT6D4vL

Malware Config

Extracted

Family

redline

Botnet

@asasasassasassassas

C2

45.15.156.167:80

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2028-8-0x0000000000400000-0x0000000000452000-memory.dmp
    .exe windows:4 windows x86 arch:x86

