General

  • Target

    1588-297-0x0000000000090000-0x00000000000E0000-memory.dmp

  • Size

    320KB

  • MD5

    fb7e5910f99166a113bf48c605a39e35

  • SHA1

    64ad44c9c6681191cd919580ae545cd4d4e952e6

  • SHA256

    515799d9faab11aab92b65280f7ff3fe23e48a0acf1d2944ebb4a1cea18f07d5

  • SHA512

    42259ebedd3dbbc8c8b44d7385a62a7e649d32173aaa561928f69b574fca7870a4ecd676411159f3d80c5d99160a579152a0ac1038b560050e8ccaac98e44f00

  • SSDEEP

    3072:jqFFrqwIOGdTypEmz07sj+HlL9W8GyyoChdBVTZ4fzIZcZqf7D34deqiOLCbBOs:+BIOG6mKosdvTZWMcZqf7DInL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

YT2

C2

45.140.147.183:12245

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1588-297-0x0000000000090000-0x00000000000E0000-memory.dmp
    .exe windows:4 windows x86 arch:x86

