General

  • Target

    840-58-0x0000000002340000-0x0000000002374000-memory.dmp

  • Size

208 KB (0x34000 = 212,992 bytes, which matches the span of the dumped region 0x2340000-0x2374000 in the target name)

  • MD5

    138240cfe861d0af9bb745052d57d6d6

  • SHA1

    72d34f86364cb961327715e08d0d80df22d746fe

  • SHA256

    1c020ad1d8c81153a8e9c448c5aac9c0730ff636600977d294701c0f0640ac00

  • SHA512

    5572a034e531a702c6c7d4ff18a86953de7d17bb708e19649492b66c6d26eddc7900cb1a1bb8a8691f8cb780112834aed081a6c3183de843e99d0e3f5a482bd2

  • SSDEEP

    3072:gzPLRuCkCBrrAuHOOxaCEflJhL+4FBKf8X3iL8e8hi:EPLRwCw+EflJh+1kX3iL

Malware Config

Extracted

  • Family

    redline

  • Botnet

    LogsDiller Cloud (Telegram: @logsdillabot)

  • C2

    178.33.182.70:18918

  • Attributes
    • auth_value

      c2955ed3813a798683a185a82e949f88
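To turn the extracted configuration above into something an analyst can act on, the following added example (not part of the report or of any sandbox's code) validates the C2 string, pulls the Telegram handle out of the botnet name, and runs the resulting IoCs over a handful of constructed Zeek conn.log-style lines. The log lines, the unique IDs and the internal IP addresses are invented for the example; only the C2, botnet and auth_value values come from the report.

```python
import ipaddress
import re

# Config values exactly as extracted on this page (RedLine).
EXTRACTED_CONFIG = {
    "family": "redline",
    "botnet": "LogsDiller Cloud (Telegram: @logsdillabot)",
    "c2": "178.33.182.70:18918",
    "auth_value": "c2955ed3813a798683a185a82e949f88",
}


def parse_c2(c2: str):
    """Split 'host:port' into a validated (ip, port) tuple; rejects garbage early."""
    host, sep, port = c2.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 string: {c2!r}")
    ip = ipaddress.ip_address(host)  # raises ValueError on a malformed address
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range: {port_num}")
    return str(ip), port_num


def config_to_iocs(cfg: dict) -> dict:
    """Normalise the extracted config into the fields a detection needs."""
    ip, port = parse_c2(cfg["c2"])
    handles = re.findall(r"@\w+", cfg["botnet"])  # Telegram handle(s) named in the botnet field
    return {
        "c2_ip": ip,
        "c2_port": port,
        "telegram_handles": handles,
        "auth_value": cfg["auth_value"],
    }


# Constructed conn.log-style lines (tab-separated: ts, uid, id.orig_h, id.orig_p,
# id.resp_h, id.resp_p, proto). Hypothetical traffic, not taken from the report.
SAMPLE_CONN_LOG = """\
1700000000.100000\tCabc1\t10.0.0.5\t49812\t142.250.74.78\t443\ttcp
1700000000.400000\tCabc2\t10.0.0.5\t49813\t178.33.182.70\t18918\ttcp
1700000001.200000\tCabc3\t10.0.0.9\t49900\t178.33.182.70\t80\ttcp
1700000002.000000\tCabc4\t10.0.0.5\t49814\t178.33.182.70\t18918\ttcp
"""


def scan_conn_log(text: str, iocs: dict) -> list:
    """Return (uid, source_ip, severity) for every connection to the C2 address.

    An exact ip:port match is 'high'; the same IP on another port is 'medium',
    because a hosting box may carry unrelated services alongside the C2 listener.
    """
    hits = []
    for line in text.splitlines():
        fields = line.split("\t")
        if len(fields) < 7 or fields[0].startswith("#"):
            continue  # skip Zeek header/comment lines and short rows
        _ts, uid, src, _sport, dst, dport, _proto = fields[:7]
        if dst != iocs["c2_ip"]:
            continue
        severity = "high" if int(dport) == iocs["c2_port"] else "medium"
        hits.append((uid, src, severity))
    return hits


if __name__ == "__main__":
    iocs = config_to_iocs(EXTRACTED_CONFIG)
    for uid, src, sev in scan_conn_log(SAMPLE_CONN_LOG, iocs):
        print(f"{sev:6} {uid} {src} -> {iocs['c2_ip']}")
```

The split into `config_to_iocs` and `scan_conn_log` is deliberate: the first is where you would add more config fields as the extractor exposes them, the second is the part you drop into a log pipeline, and neither needs network access to test.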

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC)

    The PE image carries no Authenticode signature, so nothing ties it to a verifiable publisher.

Files

  • 840-58-0x0000000002340000-0x0000000002374000-memory.dmp
    Tags: .exe windows:4 windows x86 arch:x86

    Hash (unlabeled on the page; not the file MD5 listed under General): f34d5f2d4577ed6d9ceec516c1f5a744


    Headers, Imports, Sections: no entries captured on this page.
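The target name under General encodes the process and the dumped address range, the Signatures section flags the image as unsigned, and the Files section tags it as an x86 PE. The following added example (written for this page, not the sandbox's own code) reproduces those three checks on a dumped region: it derives the region size from the file name and compares it with the reported size, then parses the PE headers to read the machine type and the IMAGE_DIRECTORY_ENTRY_SECURITY entry that Authenticode uses. The directory entry lives in the header, so it survives in a memory dump even though the certificate bytes it points to (a file offset, not an RVA) are never mapped. The sample PE is constructed in memory with only the fields these checks read; its version numbers are arbitrary and say nothing about how the page's "windows:4" tag was derived.

```python
import re
import struct

# Dump name layout seen on this page: <pid>-<n>-0x<start>-0x<end>-memory.dmp
DUMP_NAME_RE = re.compile(
    r"^(?P<pid>\d+)-(?P<seq>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)

IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_FILE_MACHINE_AMD64 = 0x8664
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data-directory slot holding the Authenticode table


def parse_dump_name(name: str) -> dict:
    """Recover pid and region bounds from the dump file name."""
    m = DUMP_NAME_RE.match(name)
    if not m:
        raise ValueError(f"not a memory-dump name: {name!r}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError("region end precedes start")
    return {"pid": int(m["pid"]), "start": start, "end": end, "size": end - start}


def inspect_pe(data: bytes) -> dict:
    """Read machine type, OS version field and the security directory from raw PE bytes."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    machine, _, _, _, _, _opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: data directories start at optional-header offset 96
        dd_off = opt + 96
    elif magic == 0x20B:      # PE32+: offset 112
        dd_off = opt + 112
    else:
        raise ValueError(f"unknown optional header magic 0x{magic:x}")
    major_os = struct.unpack_from("<H", data, opt + 40)[0]   # MajorOperatingSystemVersion
    num_dirs = struct.unpack_from("<I", data, dd_off - 4)[0]  # NumberOfRvaAndSizes
    sec_off = sec_size = 0
    if num_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from("<II", data, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    arch = {IMAGE_FILE_MACHINE_I386: "x86", IMAGE_FILE_MACHINE_AMD64: "x64"}.get(machine, f"0x{machine:04x}")
    # A zero entry means the image was built without an Authenticode signature.
    return {"arch": arch, "major_os_version": major_os, "has_authenticode": sec_off != 0 and sec_size != 0}


def triage_dump(name: str, data: bytes, reported_size_kb: int) -> dict:
    """Combine the name-derived region with the header checks and the reported size."""
    region = parse_dump_name(name)
    pe = inspect_pe(data)
    return {
        **region,
        **pe,
        "size_matches_report": region["size"] == reported_size_kb * 1024,
        "dump_is_complete": len(data) == region["size"],  # whole region captured?
    }


def build_sample_pe32(signed: bool) -> bytes:
    """Constructed minimal PE32 (x86) with 16 data directories; only for this example."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                      # e_lfanew
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, 1, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<HH", opt, 40, 4, 0)                       # arbitrary OS version 4.0
    struct.pack_into("<H", opt, 68, 2)                           # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<I", opt, 92, 16)                          # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    name = "840-58-0x0000000002340000-0x0000000002374000-memory.dmp"
    # Pad the constructed image to the region size so the completeness check can pass.
    dump = build_sample_pe32(signed=False).ljust(0x34000, b"\0")
    for key, value in triage_dump(name, dump, reported_size_kb=208).items():
        print(f"{key}: {value}")
```

On a real dump, replace the constructed bytes with the file contents; `dump_is_complete` false alongside a valid header usually means the sandbox truncated the region, which matters before you trust any section-level analysis of it.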