General

  • Target: 1464-126-0x0000000000400000-0x000000000042E000-memory.dmp
  • Size: 184KB
  • MD5: 349acbb89d14d7261e4eeef547b26844
  • SHA1: 2af6f99105c85c3361683a4b62fdfa63ddb22493
  • SHA256: 881878854911c5849ee18f3fccc277dcb167bf44eb91879315572007901220ce
  • SHA512: de96c3829721666756ef17efee9a04527ab0d6f42fcd8ef675092dbc12843366a77d39a3094ce6ea7bd765e961241e7796c96d00e8e9b9b7f33d5f7b33e790e0
  • SSDEEP: 1536:/aIRzICbajb+qhVZCGWDdmWPoQ8Wc94NiHjS4Z1oUg6TGqV4VWbuBNkqYvMd84wB:9sznuH8WcaN2jxsqV4cUK1vMdl8e8hJ

Score: 10/10

Malware Config (extracted)

  • Family: redline
  • Botnet: metro
  • C2: 83.97.73.127:19045
  • Attributes
      auth_value: f7fd4aa816bdbaad933b45b51d9b6b1a

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1464-126-0x0000000000400000-0x000000000042E000-memory.dmp
    .exe windows x86