General

  • Target

    668-82-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    1bf0625587311eb9e22c712140ec1656

  • SHA1

    f64cd32f807362d255f9f0e2258be90f4ed2cd17

  • SHA256

    f1a0139bc26384f43a1871827f537323fae71f67a7337607a1caae8231560108

  • SHA512

    acf71cdf361defaa4915b4ac7ce17836c7f8cb5aac0291759910f8b94e13881580c354369d77ccc54de6023d1c5444e4971280b24dfa137fd6a4c9794fa09ec7

  • SSDEEP

    1536:6agcnVHT1a/ofGxl50U+fvHwMW5K81l1PhbjTKbV7mdOAf:vgcZZIl5a3HwLdLpL+sA

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

Lyla1906

C2

94.130.176.65:13400

Attributes
  • auth_value

    5c6d9077ba684b0add99731765896e7e

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 668-82-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows:4 windows x86 arch:x86

