General

  • Target

    3048-8-0x0000000000400000-0x0000000000454000-memory.dmp

  • Size

    336KB

  • MD5

    76c912ec0a5bf7f197c0fba92223e15f

  • SHA1

    58e9589ca4cfbf1985dcb8cd798a653c87be1595

  • SHA256

    5a9d498862301fd014bca4c147804856fe45cad762a01a0ea904a0e48121e791

  • SHA512

    176820c9ffedae6223f8f96b76fd8ed1f3ee936310797020187a52016ae3bf67a62c6fc4e94c7f2cceae598fb6e5f0746b32f187269b0bc18eb0881cbe0eecd1

  • SSDEEP

    3072:hA0lah+Q+ulzI2LsbfbujzJ8Kqn8PZxcJPNMRqfjDv/YkeqiOL2bBOz:VFSlxLsbfS5/xxcbMRqfjD4KL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

20.79.30.95:33223

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3048-8-0x0000000000400000-0x0000000000454000-memory.dmp
    .exe windows:4 windows x86 arch:x86
