General

  • Target

    2584-196-0x0000000000190000-0x00000000001BA000-memory.dmp

  • Size

    168KB

  • MD5

    8250e4b849c741501fcb27808cf02412

  • SHA1

    d0cacddd9e87ca932c5c48fe46b4133e61e19045

  • SHA256

    145eb90498d4fe3f40302f717a0ec4d599b51e310366b249a95e4ddf397fd0b2

  • SHA512

    57dfeb20288121f6d226ea05956ccaeaefba82d8f88a85e66d0803ce303725c6311dea967c8efc8f0a39524f303449495253aa5ce4fc3b31ac485ff5104e0cb8

  • SSDEEP

    3072:CV+m5c/QmRSNp2Tm1bENx3Gh6ZK8e8hU:Cj2w+nGh6s

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

greg

C2

83.97.73.122:19062

Attributes
  • auth_value

    4c966a90781c6b4ab7f512d018696362

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2584-196-0x0000000000190000-0x00000000001BA000-memory.dmp
    .exe windows x86
