General

  • Target

    556-54-0x0000000000220000-0x0000000000250000-memory.dmp

  • Size

    192KB

  • MD5

    41ee9d532a49bb98ea2ee1a6d3a4fff9

  • SHA1

    1ef39fa68433f05ae26352fcd3c406220fc0da7d

  • SHA256

    04392058681085b9e75c9185d77e531e432f2d897dcb069e01753fe433c85ac7

  • SHA512

    e17c7b93ad653a9c4f9e2248f95846bee22e911f18f51016ed360e37bee38a2edfdc8b90a4b6df9428ed9bfaa71b5bbc907b5b670c5bfd191005e3d818815ceb

  • SSDEEP

    1536:2DrRuq1Ps36sv0W7TRVOQM6fwrHwhn/rQbg5fb25LxNcqYQHnbuxaNLQmpTu0GkW:a8sO/O2DnEba0LxNEyPNcmpTuE8e8hT

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kira

C2

77.91.68.48:19071

Attributes
  • auth_value

    1677a40fd8997eb89377e1681911e9c6

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 556-54-0x0000000000220000-0x0000000000250000-memory.dmp
    .exe windows:4 windows x86 arch:x86

