General

  • Target

    900-56-0x00000000025B0000-0x00000000025E4000-memory.dmp

  • Size

    208KB

  • MD5

    b00d7a63a27a20b0d136e467b25cd781

  • SHA1

    8645d9bcfda3449cc5b9a5e42babc3fae25b1d5e

  • SHA256

    638416615e0c0a696a6f1f560fe9dbd6241042f666dc54a5e0981d79f1ac6597

  • SHA512

    496b4ef42aa3bbd9c7d8b4e4bef7ca5b270f7966ce14e03eeb269525dbf004d581e202a70702a2d534f38779bb5cb689e95e49bd3970322b88adcdd474bdd418

  • SSDEEP

    3072:J4IgHUJvpRucoi3d/K+XwCjob8gaR20zgqC+hT0bAy/:PcUfQi1K+Ag1W+hy

Score
10/10

Malware Config

Signatures

  • .NET Reactor proctector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • RedLine payload 1 IoCs
  • Redline family

Files

  • 900-56-0x00000000025B0000-0x00000000025E4000-memory.dmp
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa

