General

  • Target: 2892-7-0x0000000000400000-0x0000000000450000-memory.dmp
  • Size: 320KB
  • MD5: ab8ab9930b671e91fdf181fbe65f4f97
  • SHA1: 92c48fe581fa6136712b03d3e038318f6487cd04
  • SHA256: e7ca04b376c5b66663f48c50da5e19f2d479b1faea0388f490a484a2f8e2581c
  • SHA512: 9104a5a7f0c41f03f0b54002f99e7b4213c5f356b5159f3a44f46c788fdf58949892e8cfcf79f2dd7edf7f1b6d89b178fb39e34c051bc7a2902ed41039493d3e
  • SSDEEP: 3072:TqK8kKqyZk88W7/0/YfQCPSDy0vsTZb+f/3cZqf7D34:uBkKqw6YfQCaDsTZa3cZqf7DI

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (TG: @logsdillabot)
  • C2: 5.42.65.0:29587

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • 2892-7-0x0000000000400000-0x0000000000450000-memory.dmp
    .exe windows:4 windows x86 arch:x86