General

  • Target

    2600-122-0x0000000000330000-0x0000000000360000-memory.dmp

  • Size

    192KB

  • MD5

    32b47e3832ce4a0b20f0564f98aa7b45

  • SHA1

    f766b9b25c898c05f24f9145d9ef2ec98e1fbeb8

  • SHA256

    bac1afb85585e05a815aa961eda3cd8fe10d7b603f04b4e64b8e5d6d3e8c842e

  • SHA512

    3ddf9ad586f5f7d9468ae0fa44b04c21092f3330e09065b2dcc34601341b9dd186dccc68f8b6d031b4deb5481a0bd33c8c1305f61f392c157c3105c7563007fd

  • SSDEEP

    3072:cAF5KBstbkeNKZIhDDxNcaoMczCOO8e8hL:ZXb33hDYjyOO

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

jako

C2

77.91.124.49:19073

Attributes

  • auth_value

    3db90f2679ab2890874898c7c6d65799

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2600-122-0x0000000000330000-0x0000000000360000-memory.dmp
    .exe windows:4 windows x86 arch:x86
