Overview

overview

10

Static

static

10

5008-214-0...ry.exe

windows7-x64

5008-214-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    5008-214-0x0000000000940000-0x0000000000970000-memory.dmp

  • Size

    192KB

  • MD5

    066298be190bfe79f34f52a3ec1d4569

  • SHA1

    cf32a3d3139e3bd7191663e6352396dc27b80adb

  • SHA256

    9a954130c810e681fa0dc5c058a3f93d3e2f6da4a3272f8a6b19bbf851157bcf

  • SHA512

    63421a5e71ef8fd936ce6f09e4dae18149183f9f588a923e42ff912c6235bb78092d31f570b2f58048cd7ff081dd1451ef1b8594d38ada70aa88606823dff97a

  • SSDEEP

    3072:pUrwt3n8OOIK4QMQxNv+OlzkTRwj8e8hY:pUr0BkTkTRwj

Score
10/10
charliredline

Malware Config

Extracted

Family

redline

Botnet

charli

C2

194.87.216.85:48239

Attributes
  • auth_value

    5d66099ba060815d5a2fd44e6e6f01be

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5008-214-0x0000000000940000-0x0000000000970000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections