General

  • Target

    3976-187-0x0000000000500000-0x0000000000552000-memory.dmp

  • Size

    328KB

  • MD5

    b7606abf15d138ca0e6dab8e264c744f

  • SHA1

    df402797554292e753d2ed23ac62d4814a11a165

  • SHA256

    e786be75ec928d9b95d588928e4871830a232ae0d8229628f8ce323e0fa27260

  • SHA512

    11adaf36a98419a93773d585339069fb915d202e5111b5fee2896c93cbc587b68df11321551f7bd219ae16b6cd7babbb13945e733df947dd519fdae878c7d139

  • SSDEEP

    3072:uq6EgY6i4rUjhYMLwPcologL/ejZWTACtAti0lcZqf7D34leqiOLibBOp:VqY6inwPDpKZWTA+AplcZqf7DIvL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

Test1234

C2

185.215.113.67:26260

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3976-187-0x0000000000500000-0x0000000000552000-memory.dmp
    .exe windows:4 windows x86 arch:x86

