General

  • Target

    1924-572-0x0000000000D30000-0x0000000000D82000-memory.dmp

  • Size

    328KB

  • MD5

    74c384bc3bdba4be477c7e65d16e71d9

  • SHA1

    3afadcedcc88f9961f6b60ea4e8278593762460b

  • SHA256

    902bf8352539216d1b9c8fde5fb0fd2d31d96cd7d1142cfbdce07f06daf469c9

  • SHA512

    b63167d0fb5514165d269961c8441126351a98e23d0a6fecc6a893245fb405b4ddd6fcd46b4a76d90e6bfcffc64d5fef6f9298166bab24ec2845fab6354c34d0

  • SSDEEP

    3072:JcZqf7D342p/0+mAAkygmgQEgHaB1fA0PuTVAtkxz53RzeqiOL2bBOA:JcZqf7DIOnwT2B1fA0GTV8krLL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

1488Traffer

C2

147.45.44.224:1912

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1924-572-0x0000000000D30000-0x0000000000D82000-memory.dmp
    .exe windows:4 windows x86 arch:x86