General

  • Target

    1196-62-0x0000000001FB0000-0x0000000001FE4000-memory.dmp

  • Size

    208KB

  • MD5

    d6dc5851a71d7bad0ca2d92960f708ac

  • SHA1

    daca71d2c0db60a5af8dc1808ba7d9b62d3aebbc

  • SHA256

    ff6f758e14d2159d6c8295dff7c065f87255b684976f3a965995a747259be294

  • SHA512

    3bf2099e37003a22172f8f2f14bf912285d638c3da834088e1287a2d0539d9a069d3d6e60cfc14428e1104ed67bd8ace45958207d7f7ecd0e98d8c9c3f3e9667

  • SSDEEP

    3072:E7Cs69KyIoAwIQE+V2BmnrkMS8bx4+nIzCv8e8hK:sCs6KoAwDkMLbxMS

Malware Config

Extracted

  • Family

    redline

  • Botnet

    LogsDiller Cloud (Bot: @logsdillabot)

  • C2

    147.135.165.22:17748

  • Attributes

    auth_value: ed000008c0b59caf793b48c8ea9a7233

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
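
The "Unsigned PE" signature above is a presence check on the PE's Attribute Certificate Table. The following Python is an added example, not part of the sandbox report or of any RedLine tooling: it parses the PE headers, reads data directory 4 (IMAGE_DIRECTORY_ENTRY_SECURITY) and walks the WIN_CERTIFICATE entries looking for a PKCS#7 signed-data blob. It does not verify the signature, only whether one is attached. The `build_minimal_pe32` fixture is constructed for the demonstration (headers only, placeholder certificate bytes) and is an assumption, not derived from the sample on this page. Note that for a dumped memory region such as the one listed here, the security directory can point past the end of the dump even when the on-disk file was signed; the code treats that case as unsigned, which is the conservative triage answer.

```python
"""Presence check for an Authenticode signature in a PE image (added example)."""
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def security_directory(pe):
    """Return (file_offset, size) of the certificate table, or None if absent.
    Raises ValueError when the buffer is not a parseable PE image."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    # Need the 4-byte PE signature plus the 20-byte COFF file header.
    if e_lfanew + 24 > len(pe) or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    size_of_optional = struct.unpack_from("<H", pe, coff + 16)[0]
    opt = coff + 20
    if opt + size_of_optional > len(pe):
        raise ValueError("optional header truncated")
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == PE32_MAGIC:        # PE32: NumberOfRvaAndSizes @92, directories @96
        nrva_off, dirs_off = 92, 96
    elif magic == PE32PLUS_MAGIC:  # PE32+: NumberOfRvaAndSizes @108, directories @112
        nrva_off, dirs_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    if size_of_optional < nrva_off + 4:
        return None
    nrva = struct.unpack_from("<I", pe, opt + nrva_off)[0]
    entry = opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if nrva <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + size_of_optional:
        return None
    # Unlike the other directories, this entry holds a raw file offset, not an RVA.
    offset, size = struct.unpack_from("<II", pe, entry)
    if offset == 0 or size == 0:
        return None
    return offset, size


def has_authenticode_signature(pe):
    """True if at least one WIN_CERT_TYPE_PKCS_SIGNED_DATA entry is attached."""
    directory = security_directory(pe)
    if directory is None:
        return False
    offset, size = directory
    end = offset + size
    if end > len(pe):
        return False  # table points past EOF (truncated file or memory dump): unsigned
    pos = offset
    while pos + 8 <= end:
        # WIN_CERTIFICATE header: dwLength, wRevision, wCertificateType
        length, _revision, cert_type = struct.unpack_from("<IHH", pe, pos)
        if length < 8 or pos + length > end:
            return False  # malformed entry; do not trust the rest of the table
        if cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA:
            return True
        pos += (length + 7) & ~7  # entries are padded to an 8-byte boundary
    return False


def build_minimal_pe32(cert_blob=None):
    """Constructed fixture (assumption, not the report's sample): a headers-only
    PE32 with no sections. If cert_blob is given, a WIN_CERTIFICATE wrapping it
    is appended and referenced from the security directory; the blob is a
    placeholder, not a real PKCS#7 signature."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew -> PE header right after DOS header
    # i386, 0 sections, 224-byte optional header, EXECUTABLE_IMAGE | 32BIT_MACHINE
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)      # NumberOfRvaAndSizes
    header = bytes(dos) + b"PE\0\0" + coff
    image_len = len(header) + len(opt)       # 312 bytes, already 8-byte aligned
    if cert_blob is None:
        return header + bytes(opt)
    win_cert = struct.pack("<IHH", 8 + len(cert_blob), 0x0200,
                           WIN_CERT_TYPE_PKCS_SIGNED_DATA) + cert_blob
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     image_len, len(win_cert))
    return header + bytes(opt) + win_cert


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print("signed" if has_authenticode_signature(fh.read()) else "unsigned")
    else:
        print("fixture unsigned:", has_authenticode_signature(build_minimal_pe32()))
        print("fixture signed:", has_authenticode_signature(build_minimal_pe32(b"x" * 8)))
```

Run it against a dumped or on-disk PE with `python check_sig.py sample.exe`; an "unsigned" result is a triage signal only, since plenty of legitimate software ships unsigned and a dumped image may have lost its overlay.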

Files

  • 1196-62-0x0000000001FB0000-0x0000000001FE4000-memory.dmp
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744