General

  • Target

    1600-56-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    afa013899ab938511e7d786f3408dc56

  • SHA1

    7ee0dd8b68d8eeb1dc0ba2377c699c7532a2f74f

  • SHA256

    638f0dc724066aedc214a24fcd9a41278aa620dbaa4b297696d7a48127c39492

  • SHA512

    5310e073dc0454a8941bdbc508e170275f520efc5b62aaeb8a1d51e5d893775b6600239690bd46a4477da3e63691ecc751398ed7fc63c895f7cf1edc9eec80c8

  • SSDEEP

    1536:q0HMGE/qhVZCGWZlwP/t8WL6MiC6YdWjkTGqVOFWbuQ/xzuXheajW84wYkO8e8hH:2hJq8WL6qdWjNqVOshoXheajW78e8hH

Score
10/10

Malware Config

Extracted

Family

redline

C2

94.142.138.147:48665

Attributes
  • auth_value

    fbf4b82af9bec566478af5ba76cedcd8

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1600-56-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows:4 windows x86 arch:x86

