General

  • Target

    3000-94-0x0000000000350000-0x00000000003DC000-memory.dmp

  • Size

    560KB

  • MD5

    b3218a18f5f0bc4676ac65e633ceeb38

  • SHA1

    9322c99bbd61611325a69230570b83428e58d2b9

  • SHA256

    19607d3bcd8b806528916e44bf3d8026350b7c548d7b5cd2c6f358cd1577ef95

  • SHA512

    10061d70444a0218e6ec1cd03f5633d75ffab222a76c274164586cb95644a6a7cc2472e597ba2467dfd1c740a08edfb74dcc13a7557b6b12f83315c7aec67a64

  • SSDEEP

    6144:uZlZIhbq6stxG/eD+0gAuxsRqvEsfXIYuAbbSWOq7WWMOSjePteoepMn6NuQHQDQ:u3BxoezglsXqeACQMOTr76NuQHQD9Ix

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

lamp

C2

77.91.68.56:19071

Attributes
  • auth_value

    ee1df63bcdbe3de70f52810d94eaff7d

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3000-94-0x0000000000350000-0x00000000003DC000-memory.dmp
    .exe windows:4 windows x86 arch:x86

