General

  • Target

    4992-117-0x0000000000690000-0x00000000006C0000-memory.dmp

  • Size

    192KB

  • MD5

    5813bd02deb654ba1c4373079f08a1b7

  • SHA1

    5dd6be1eb8deac9a4796a6a6f3a6a669f47193ca

  • SHA256

    a96887ae216c40c557b412b09f010580d807fde6f2c80781aaa5c658331eee37

  • SHA512

    0a920d07068ba611ef85773084e8f8200119c3324997ca8a4a2bb26385033ea31432e5b610cc53cda2e2cd30fe2530be116ff30fd0561b9d854b6741b4d30629

  • SSDEEP

    1536:3T2dx36sv0W7ToV/8rHRaFlZBjtHUjA0LrxNy7YQd1buwZJddXn0GkRP8e8hp:jk/y0a7ZbUjLLrxNj6FDdXnM8e8hp

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@hukilucky

C2

vikaneleneer.shop:80

Attributes
  • auth_value

    eab4af0ade75678a373cfb861f349057

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4992-117-0x0000000000690000-0x00000000006C0000-memory.dmp
    .exe windows:4 windows x86 arch:x86

