General

  • Target

    1788-28-0x0000000000CD0000-0x0000000000D22000-memory.dmp

  • Size

    328KB (the 0x0000000000CD0000-0x0000000000D22000 range in the dump name spans 0x52000 = 335,872 bytes, i.e. exactly 328 KiB)

  • MD5

    6222b2308ad6b1aa19267680fe3e60c0

  • SHA1

    1f058fd3bd7515f9bf1f80922c10817d9c50d6c9

  • SHA256

    c2298613f231acb52ac7deb2c6b0546da70ecc051743b6324b8dace8e31a1f08

  • SHA512

    a7aad8df930d9d45c6887181b38e38cc745f04c7178421843eaddba8baf2fed1c90c48b60d6c291e99a7ea3f073ff174ec32aa8cf3635a1d1544f898b1d88dbb

  • SSDEEP

    3072:qq6EgY6iQrUjytA4dwP8Zk1tx/Efz+TAGtASRkFcZqf7D341eqiOLibBOh:pqY6iAwP6k1vQz+TAiAtFcZqf7DIfL

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @LOGSCLOUDYT_BOT

  • C2

    185.172.128.33:8970

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC)

    Checks for a missing Authenticode signature (empty certificate-table entry in the PE optional header).

Files

  • 1788-28-0x0000000000CD0000-0x0000000000D22000-memory.dmp
    PE .exe, windows:4, windows x86, arch:x86
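The following script is an added example, not code from the report or from the sandbox that produced it. It reproduces the two checks a practitioner would want to run against the dump themselves: verifying that a local copy has the hashes printed under General, and reproducing the "Unsigned PE" signature by parsing the PE optional header and testing whether the certificate-table slot (IMAGE_DIRECTORY_ENTRY_SECURITY, data directory index 4) is empty. It also pulls ip:port strings in both ASCII and UTF-16LE, the two encodings a .NET stealer such as RedLine typically exposes its C2 in, and looks for the botnet tag from the extracted config. The report's hashes and C2 are copied from the page above; the `build_sample()` input is a constructed stand-in (a minimal PE32 header plus config-like strings), not the real dump, so `hashes_match_report()` is False for it. The mapping of the report's `windows:4` badge to MajorOperatingSystemVersion is my assumption.

```python
"""
Triage helper for a RedLine memory-dump sample: verify the report's hashes,
extract candidate C2 endpoints, and reproduce the "Unsigned PE" check
(an empty IMAGE_DIRECTORY_ENTRY_SECURITY slot in the optional header).
"""
import hashlib
import re
import struct

# Hashes exactly as printed in the report's General section.
REPORT_HASHES = {
    "md5": "6222b2308ad6b1aa19267680fe3e60c0",
    "sha1": "1f058fd3bd7515f9bf1f80922c10817d9c50d6c9",
    "sha256": "c2298613f231acb52ac7deb2c6b0546da70ecc051743b6324b8dace8e31a1f08",
}
BOTNET_TAG = b"@LOGSCLOUDYT_BOT"  # botnet ID from the extracted config
# ip:port as ASCII and as UTF-16LE (the .NET string encoding RedLine uses).
C2_ASCII = re.compile(rb"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3}):(\d{2,5})(?!\d)")
C2_UTF16 = re.compile(rb"(?:\d\x00){1,3}(?:\.\x00(?:\d\x00){1,3}){3}:\x00(?:\d\x00){2,5}")
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def compute_hashes(data: bytes) -> dict:
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def hashes_match_report(data: bytes) -> bool:
    return compute_hashes(data) == REPORT_HASHES


def parse_pe(data: bytes) -> dict:
    """Return the header facts needed for the unsigned-PE check; ValueError if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, _nsect, _ts, _sym, _nsym, _opt_size, _chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20                      # COFF file header is 20 bytes
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                   # PE32: 16 data directories start at +96
        dirs_off, rva_count_off = opt + 96, opt + 92
    elif magic == 0x20B:                 # PE32+: 8-byte ImageBase/stack/heap fields shift them to +112
        dirs_off, rva_count_off = opt + 112, opt + 108
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    os_major, os_minor = struct.unpack_from("<HH", data, opt + 40)  # Major/MinorOperatingSystemVersion
    n_dirs = struct.unpack_from("<I", data, rva_count_off)[0]
    sec_va = sec_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_va, sec_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    return {"machine": machine, "pe32plus": magic == 0x20B,
            "os_version": (os_major, os_minor), "security_dir": (sec_va, sec_size)}


def is_unsigned_pe(data: bytes) -> bool:
    """True when the certificate table slot is empty: no embedded Authenticode signature.
    Note: the slot holds a file offset, not an RVA, and the certificate blob itself is never
    mapped into memory, so on a memory dump this header check is all that can be done."""
    va, size = parse_pe(data)["security_dir"]
    return va == 0 or size == 0


def extract_c2(data: bytes) -> list:
    """Collect ip:port strings in ASCII and UTF-16LE; sorted for deterministic output."""
    found = {m.group(0).decode() for m in C2_ASCII.finditer(data)}
    found |= {m.group(0).replace(b"\x00", b"").decode() for m in C2_UTF16.finditer(data)}
    return sorted(found)


def triage(data: bytes) -> dict:
    pe = parse_pe(data)
    tag_utf16 = BOTNET_TAG.decode().encode("utf-16-le")
    return {"hashes_match_report": hashes_match_report(data),
            "unsigned_pe": is_unsigned_pe(data),
            "os_version": pe["os_version"],
            "c2": extract_c2(data),
            "botnet_tag_present": BOTNET_TAG in data or tag_utf16 in data}


def build_sample(signed: bool) -> bytes:
    """Constructed stand-in for the dump (NOT the real sample): minimal PE32 header plus
    config-like strings, with the certificate-table slot filled only when signed=True."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                      # e_lfanew -> "PE\0\0"
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)  # x86, no sections, executable
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<HH", opt, 40, 4, 0)                       # OS version 4.0 (assumed "windows:4")
    struct.pack_into("<I", opt, 92, 16)                          # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x400, 0x1000)
    body = (b"\0" * 32 + "185.172.128.33:8970".encode("utf-16-le") + b"\0\0"
            + b"10.0.0.1:80\0" + BOTNET_TAG + b"\0")
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + body


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample(signed=False)
    for key, value in triage(blob).items():
        print("%-20s %s" % (key, value))
```

Run it with the dump path as the only argument to check a local copy against the report; with no argument it triages the constructed sample. Because the hashes under General are of a dumped memory region, they will not match the file that was delivered to the victim, so the C2 and botnet ID are the IoCs to pivot on, not the hashes.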
