General

  • Target

    1008-1128-0x0000000000400000-0x0000000000450000-memory.dmp

  • Size

    320KB

  • MD5

    6ca2165dddff7d95d3cd7013ea62f5b4

  • SHA1

    97f0ddbaa0b26278f96c974e874b20dea8496e16

  • SHA256

    741e0d235a1fe95bb123c56a9c7cc8e9805cbf0245e422806ae81bb962eec34f

  • SHA512

    7dc715a413cddebb2f08d2912c6437624ac05d44979f8e677fe4831589002e3f95b76bcada57f956b1b1256992178dd45d5aa131df8608a120001407a265d815

  • SSDEEP

    6144:5dhMBKuocs/bUK7ayvXuzZ2WcZqf7DIfL:5dn/YwXpWcUzsf

Score
10/10

Malware Config (extracted)

  • Family

    redline

  • Botnet

    LiveTraffic

  • C2

    20.218.68.91:9552

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC)

    Checks for a missing Authenticode signature. Note that the target is a dumped memory region, not the file from disk: the Attribute Certificate Table lives in the file overlay and is not mapped into memory, so a signature cannot be verified from this buffer even if the original file carried one.
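One way to implement the "Unsigned PE" check, as an added example rather than Triage's own detection code: walk the DOS and PE headers to the Attribute Certificate Table entry (data directory slot 4, which unlike the others holds a file offset) and classify the image. The three inputs are constructed inside the script, the certificate payload is a placeholder and not a real PKCS#7 blob, and the label names are this example's own. The third input shows the memory-dump caveat: the directory entry survives in the dumped headers, but the table it points to was never mapped.

```python
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4        # data-directory slot of the Attribute Certificate Table
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002   # WIN_CERTIFICATE.wCertificateType used by Authenticode
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B


def security_directory(image: bytes):
    """Return (file_offset, size) of the certificate-table directory entry, or None
    when the optional header declares fewer directories than that. This entry is a
    file offset, not an RVA, because the table is never loaded into memory."""
    if image[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", image, 0x3C)[0]
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    opt = e_lfanew + 4 + 20                       # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", image, opt)[0]
    if magic == PE32_MAGIC:
        nrva_off, dirs_off = opt + 92, opt + 96   # NumberOfRvaAndSizes, first data directory
    elif magic == PE32PLUS_MAGIC:
        nrva_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    num_dirs = struct.unpack_from("<I", image, nrva_off)[0]
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return None
    return struct.unpack_from("<II", image, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)


def classify_authenticode(image: bytes) -> str:
    """'unsigned'     : no certificate-table entry, or its size is zero
       'signed'       : entry points at a WIN_CERTIFICATE of type PKCS_SIGNED_DATA inside
                        the buffer (presence only; the PKCS#7 blob is not verified here)
       'unverifiable' : entry is set but the table lies outside the buffer or is not a
                        WIN_CERTIFICATE, which is what a memory dump of a signed file looks like"""
    entry = security_directory(image)
    if entry is None or entry[1] == 0:
        return "unsigned"
    offset, size = entry
    if size < 8 or offset + size > len(image):
        return "unverifiable"
    length, _revision, cert_type = struct.unpack_from("<IHH", image, offset)
    if cert_type != WIN_CERT_TYPE_PKCS_SIGNED_DATA or length < 8 or length > size:
        return "unverifiable"
    return "signed"


def build_pe32(num_dirs=16, cert_offset=0, cert_size=0, overlay=b"") -> bytes:
    """Constructed sample: a header-only PE32 image (DOS header, PE signature, COFF
    header, optional header, no sections). Only the fields the check reads are filled."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt_size = 96 + 8 * num_dirs
    # Machine=i386, 0 sections, timestamp, symtab ptr, nsyms, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, num_dirs)
    if num_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, cert_offset, cert_size)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + overlay


def win_certificate(blob: bytes) -> bytes:
    """WIN_CERTIFICATE: dwLength, wRevision=0x0200, wCertificateType, then the payload
    padded to the 8-byte boundary the format requires."""
    body = blob + b"\0" * (-len(blob) % 8)
    return struct.pack("<IHH", 8 + len(body), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + body


def sample_images() -> dict:
    """Three constructed inputs, not real samples: an unsigned file, a 'signed' file
    with a placeholder certificate, and that signed file as dumped from memory
    (headers intact, overlay never mapped)."""
    headers = build_pe32()
    cert = win_certificate(b"\x30\x03\x02\x01\x01")   # placeholder DER, not a real PKCS#7
    return {
        "unsigned": headers,
        "signed": build_pe32(cert_offset=len(headers), cert_size=len(cert), overlay=cert),
        "memory-dump": build_pe32(cert_offset=len(headers), cert_size=len(cert)),
    }


if __name__ == "__main__":
    images = sample_images()
    if len(sys.argv) > 1:                      # optionally classify a real file or dump
        with open(sys.argv[1], "rb") as f:
            images[sys.argv[1]] = f.read()
    for name, data in images.items():
        print(f"{name}: {classify_authenticode(data)}")
```

Run it with a path to classify a file; on a dumped region such as the target above expect "unsigned" or "unverifiable", never "signed", and treat the result as a statement about the buffer, not about the file that was originally executed.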

Files

  • 1008-1128-0x0000000000400000-0x0000000000450000-memory.dmp
    .exe windows:4 windows x86 arch:x86