General

  • Target

    1728-54-0x0000000000220000-0x0000000000250000-memory.dmp

  • Size

    192KB

  • MD5

    96e4b2abe51b2bcaf05c5ce62d0e3132

  • SHA1

    475622428c6dde16ae71138756524140025bc05b

  • SHA256

    e88432572af526806253642c724f7125aab677e5c1902898fac3718fede17c2f

  • SHA512

    23f8628ecc254e396c59f340d9266b87cb3fe0020d3722099274f0155c01084446c9abaece03b2a744e9060521d46403265181e0b9e18b5b5b9f483096f1638e

  • SSDEEP

    3072:MBfN10T8hFnWmMJxN/GJvQf3xGPno8e8hN:UNvWmMR1f3xGPno

Malware Config

Extracted

Family

redline

Botnet

@CLOUDCOSMIC (https://cloudcosmic.store)

C2

157.254.164.98:28449

Attributes

  • auth_value

    34d166c21d3c623b65c1799fd54aa9f9

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1728-54-0x0000000000220000-0x0000000000250000-memory.dmp
    .exe windows:4 windows x86 arch:x86