General

  • Target: 6036-163-0x0000000000190000-0x00000000009AC000-memory.dmp
  • Size: 8.1MB
  • MD5: 673fbae5b4ed8d7ecdc7e8e9e2064cfc
  • SHA1: 2c2027babd3418b9c4f7a5d77448fffcc56aed79
  • SHA256: 919c26d40875842abeed9bc95e75023cf07f877b3098e2fb0d7cdbd48e5ea43b
  • SHA512: a381367e30544fe95f97ebf6db1a9a971db963e6a4006e7b76444011ee638fcea085e10db07d4837ba17f9e4ce8c08bf04b03963494adad64466541de55809f3
  • SSDEEP: 196608:Bz7DRWw3vr/rKMu9MAQWN2yMEguTwNLOOcE:Bz7DRWwTz7aQyMYO

Malware Config

Extracted

  • Family: redline
  • Botnet: Test123ND
  • C2: 0.tcp.ngrok.io:11252

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

Files

  • 6036-163-0x0000000000190000-0x00000000009AC000-memory.dmp (.exe, windows x86)

    f34d5f2d4577ed6d9ceec516c1f5a744