General

  • Target

    1936-80-0x0000000000400000-0x0000000000428000-memory.dmp

  • Size

    160KB

  • MD5

    0f8d82c0ed99d4008139750a35578247

  • SHA1

    74a0567a05a8e4f5347f4ef772c876d5a79e9b39

  • SHA256

    c996174ee84c8026edaaa7743474fd20dc59478de80d7350985b65a6651ced51

  • SHA512

    99770709482047cf682a9c2a94108e93aa2c538114e3325d37bcea1e265b57e04ab7e5e4abc527f1317319b9dacf3f51819ecd4546c029378c04fecbc039b0ad

  • SSDEEP

    3072:qYO/ZMTF6qmAFzNVmbRqViVdPDFQyR0xhZSS:qYMZMB6qmA/cbRqV8xyxh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

Buk2

C2

tyastazirowi.xyz:80

yaterirennin.xyz:80

Attributes

  • auth_value

    813662de00b041e18fa868da733fca07

Signatures

  • RedLine payload 1 IoCs
  • Redline family

Files

  • 1936-80-0x0000000000400000-0x0000000000428000-memory.dmp
    .exe windows x86