General

  • Target

    2648-13-0x0000000000400000-0x0000000000450000-memory.dmp

  • Size

    320KB

  • MD5

    128a276853079ea76caaf36309085d11

  • SHA1

    eedd3d1ecd8b8a3cc9d7493733995c2e407298d5

  • SHA256

    df9e4ec06dfbc92b37554d5d1dbbad280d8daaa714671284d8a3e953bf0193ab

  • SHA512

    7579e1bdedf8342fc228c91680961553799de04c9e90d3a25028235de38a83a49853582d25a382149a4e483890f2d8770681d4427a0fe45fa7d5158867141d26

  • SSDEEP

    3072:gq6EgY6iIrUj1Np/wPGn6a0QYTwy/x4TAkt3Siu5cZqf7D34ZbBO5:jqY6inwPo0JJx4TAA3Y5cZqf7DI

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

TG@CVV88888

C2

185.218.125.157:21441

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2648-13-0x0000000000400000-0x0000000000450000-memory.dmp
    .exe windows:4 windows x86 arch:x86

