General

  • Target: 1940-0-0x0000000000150000-0x00000000001A0000-memory.dmp
  • Size: 320KB
  • MD5: a41da3c515d608a71bff45f933f34ce4
  • SHA1: 31aab4b654e3e089e15340b9cb6fba8e332ede37
  • SHA256: 1436039790fcb959ce86e4f69299c65b372cc0c21b8b223272e839dec4c9d979
  • SHA512: 1f787db87ef54e191149440c1d65253100ac0568b17f957d13231c2a93a64009b6b4c69ab384e7090ada0896927a9ad07e938c911ea5d78c708952fffaa845a9
  • SSDEEP: 3072:3Hq8+MBKWoPXcfNfgwm7ROgttzZvDsb+cZqf7D349eqiOLCbBOb:3KhMBKWoc5gttzZLhcZqf7DIHL

Malware Config

Extracted

  • Family: redline
  • Botnet: @Ivandevelopper
  • C2: 185.133.40.202:80

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • 1940-0-0x0000000000150000-0x00000000001A0000-memory.dmp (.exe windows:4 windows x86 arch:x86)
