General

  • Target: 1264-56-0x0000000000AD0000-0x0000000000B04000-memory.dmp
  • Size: 208KB
  • MD5: 0c46b453aa7650c2a25f45b05b1eab24
  • SHA1: 1f586bf0ecb166807086664e83593e967201342c
  • SHA256: f97662a88629b7ce087ed65ec50b2f8aedd7adda7e31027f1ed7a052fb553ad8
  • SHA512: 4a6da33a78a586c1e2defe869b36802e54bf6adeac7f354644c7ebe07c1fcd262bcbb20e0667752946da73ef9963d6bc76865bd20f424b917a603f7a9d343fb3
  • SSDEEP: 3072:Q6ds69A+pFhQwCEZgs2BRgDxLXao3v+m1+4+MgzWM8e8hlv:hds6tFhQ8lDpfmm1+hyMW

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (Telegram: @logsdillabot)
  • C2: 147.135.231.58:39396
  • Attributes
    • auth_value: c2955ed3813a798683a185a82e949f88

Signatures

  • RedLine payload (1 IoCs)
  • Redline family
  • Unsigned PE (1 IoCs): checks for missing Authenticode signature.

Files

  • 1264-56-0x0000000000AD0000-0x0000000000B04000-memory.dmp
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
