General

  • Target

    2164-281-0x0000000000400000-0x0000000000450000-memory.dmp

  • Size

    320KB

  • MD5

    18fcb5376146ccc0affcd9c2f6fac2fc

  • SHA1

    746a8a675cbdbe68cb0235ccc8dcc3d2d2215c3d

  • SHA256

    0023b465d44f1a8456f4875d8357e1221a0fd6b5216e2865369418566149fc2d

  • SHA512

    b43424c9b86711cd66e21e0f27d1d2a9643752547d2998be4dd01a6bf4fe99fb66ca1d66d06c5c7deb319bd72b796c9d65bb2d11bc15ea8c43cb350e57000ff7

  • SSDEEP

    3072:FqFFrqwIOG2dy3BymNz4x2jQywv7MCa3l6sJTZrfKIKcZqf7D34VeqiOLCbBOh:MBIOGfU2Uy33l9JTZzAcZqf7DI/L

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

20.218.68.91:7690

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2164-281-0x0000000000400000-0x0000000000450000-memory.dmp
    .exe windows:4 windows x86 arch:x86
