General

  • Target: 3968-1-0x0000000000400000-0x0000000000452000-memory.dmp
  • Size: 328KB
  • MD5: 725496736e621b822370c6fa6fe438bb
  • SHA1: ee240f0b88ca056c1280e927d9735664687e028c
  • SHA256: d43b9f7750eabac569fa88657b2ed3e204a97c21605e3db63e55c403602b3721
  • SHA512: e887c01ebdcd4d71e1b9a8c107cda74f7168d688f47781b367948931c7421b73b24db85ef4040cec659ed94d50dab7b08e3e92e7df3a5fc17b7603512ca80109
  • SSDEEP: 3072:Uq6EgY6ifrUjGITtnOwPp/1k4Y5TAWtAxii9cZqf7D34NeqiOLibBOl:/qY6iSnOwPD7Y5TAyA79cZqf7DI3L

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (TG: @logsdillabot)
  • C2: 5.42.65.77:6541

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3968-1-0x0000000000400000-0x0000000000452000-memory.dmp
    .exe windows:4 windows x86 arch:x86