Overview

overview

10

Static

static

10

1924-474-0...ry.exe

windows7-x64

1924-474-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1924-474-0x00000000000D0000-0x0000000000120000-memory.dmp

  • Size

    320KB

  • MD5

    c769fa1f1f72d67d08c6401639080668

  • SHA1

    0e353fe31803f4a713a6ae294ef6cf14c68f225c

  • SHA256

    04b1ee47d6cfb6f497d2702ce17f3e542cc3935c954ad8a08d2ce255f8884338

  • SHA512

    71b2a41824cbaceb7195d6481620ef5bc5d0b900c5780a3758cf51a5fede0d3a94ea0038daa828cb3bd5366ec137ad5f632e1c1640791ba6e09d7c6a1acc7b2d

  • SSDEEP

    3072:TqFFrqwIOGp3yN5mMpTVUGOJL8YC72GtrhdtqTZdeHI4cZqf7D34VeqiOLCbBOv:uBIOGgQGXdYTZcZcZqf7DI/L

Score
10/10
raptorredline

Malware Config

Extracted

Family

redline

Botnet

raptor

C2

89.23.107.91:35077

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1924-474-0x00000000000D0000-0x0000000000120000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections