General

  • Target

    3012-6-0x00000000000F0000-0x0000000000142000-memory.dmp

  • Size

    328KB

  • MD5

    5facf85b067aed60b546304a110421fd

  • SHA1

    fbeb20bead89ba50ac45f954ccb5fba8f4e555b0

  • SHA256

    e2cb7851c953faa4c4ff1555fa4a9e15a44919a2eff45fad79f0300e7e1e6077

  • SHA512

    6063a0d1b892ded30e755d53f664e390ce1f08873a3e05b831883e5f45313200a5c4c920375716ad49b7e0a154c074b2cc684f53e728782b7345ee473969b9dc

  • SSDEEP

    3072:K2GLL3Y8QRrvRLsbMSNXmQogXIdilX+nupxQRmAgkVMRqT6Dv/YNeqiOL2bBOU:fobM+eilRxQEAXVMRqT6D43L

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

Legaa

C2

185.172.128.33:38294

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3012-6-0x00000000000F0000-0x0000000000142000-memory.dmp
    .exe windows:4 windows x86 arch:x86
