General

  • Target

    4860-206-0x00000000045D0000-0x00000000045FA000-memory.dmp

  • Size

    168KB

  • MD5

    44899154b8f908a18e7257864642dece

  • SHA1

    9d5ed48e2c62cbba4ec42c63b95910705eeab88f

  • SHA256

    b547842ce13f764093a5bcb40bf191cacce1f149ac4fd884485d7d626c81f134

  • SHA512

    7856cb3e59b93d2f5521aee49aafc76a0d046147736a70f45764b1bb232340327b1c06d0fc486dd35b91985626a2b84264a7a97667eaa8749bba6ea193ab7e36

  • SSDEEP

    3072:aV+m5c/QmRSNp2Tm1bENx3Gh6ZS8e8hU:aj2w+nGh6c

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

greg

C2

83.97.73.122:19062

Attributes

  • auth_value

    4c966a90781c6b4ab7f512d018696362

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for a missing Authenticode signature.

Files

  • 4860-206-0x00000000045D0000-0x00000000045FA000-memory.dmp
    .exe windows x86
