General

  • Target

    572-126-0x0000000000400000-0x000000000042A000-memory.dmp

  • Size

    168KB

  • MD5

    c7f41938ca0cabf6836354823b5f7902

  • SHA1

    0d189058ab6a7b20abcc6d428e75f33a651811ff

  • SHA256

    25f4db927999e4d342f2545898a23dcc58ae0bbb985fb9f8e045a54aaba31175

  • SHA512

    371cb5463efaca15555ecb47bb5b712940d4c1fc4018f9fca4f97f76055972c4ac000d3460211e48b216de30d6a844cb9db917002417dfbd5fd016d8b019986b

  • SSDEEP

    3072:/V+m5c/QmRSNp2Tm1bENx3Gh6ZF8e8hU:/j2w+nGh6P

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

greg

C2

83.97.73.122:19062

Attributes
  • auth_value

    4c966a90781c6b4ab7f512d018696362

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 572-126-0x0000000000400000-0x000000000042A000-memory.dmp
    .exe windows x86

