General

  • Target

    1864-56-0x0000000000090000-0x00000000000C0000-memory.dmp

  • Size

    192KB

  • MD5

    ec6f18207c83ef4d85637629528660a9

  • SHA1

    5a6b84bbdcdbc79646983656ca4dbf116f4b5697

  • SHA256

    b83161ffaf37f65617cbb33b95985ee6b5598456c6c22f68ab068320334e33cd

  • SHA512

    8545f698d85fb043c25a9730d9f47fcb4f5bfe699fe92021047e821fd90396185a177e1541a6060c6a3054a79489e18288f85def048909f113df4a157597709a

  • SSDEEP

    1536:QoadOiD7QUqlVZRGW8wzhr6St4HRYg3bFvTGqVQbukFZYUgp4CuA83wYkb8e8hF:7adhD0+R9iyFiqVgByZp4CuAZ8e8hF

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@naralust2

C2

94.142.138.4:80

Attributes
  • auth_value

    684687f1439152a73e2a8b293ee8c64e

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1864-56-0x0000000000090000-0x00000000000C0000-memory.dmp
    .exe windows x86

