General

  • Target

    4700-8-0x0000000000400000-0x0000000000454000-memory.dmp

  • Size

    336KB

  • MD5

    8a299cb4dda81e9cfbdf36cae16bf548

  • SHA1

    7893b3e722a6cb6122ab9a78c460f604a21463c2

  • SHA256

    4a744757eb2c5c6d567c881a9f629bb53e94dd99316d99ebec9b8fa26087f40f

  • SHA512

    b6f3997e2dfb30157dcbef29c42b858bb4d8befaf720d40c8e6d85308bbe6f9dfb5f63a4f87410b9bf082ddfac6642b9adacc67cba730486dd471cfe69556f35

  • SSDEEP

    3072:vA0wQvE++meym2LsbfbujzJ8KOnl3xYNWBMRqfjDv/YheqiOL2bBO6:zCMecLsbfS5MxYuMRqfjD4jL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@Telchheart

C2

45.15.156.167:80

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4700-8-0x0000000000400000-0x0000000000454000-memory.dmp
    .exe windows:4 windows x86 arch:x86
