General

  • Target

    1324-126-0x0000000000400000-0x000000000042A000-memory.dmp

  • Size

    168KB

  • MD5

    b3045052819c37f75ab2f3a1d3b69987

  • SHA1

    61895dd71b3cf23d470b01cae6153640eaf9ccde

  • SHA256

    a26ed6bc6d6264d4c56be6f29f7ff92684dfb9c203bba65252993e64e9e997b4

  • SHA512

    508c1b7e590e050ea3c06554c09edb740c91236e67bc324c21338ba866ae27e5477ac2bba4548928756b93ed01bfbb534a35055b29fbc1ba66d0a250279a1bdb

  • SSDEEP

    3072:uV+m5c/QmRSNp2Tm1bENx3Gh6ZF8e8hU:uj2w+nGh6P

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

greg

C2

83.97.73.122:19062

Attributes
  • auth_value

    4c966a90781c6b4ab7f512d018696362

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1324-126-0x0000000000400000-0x000000000042A000-memory.dmp
    .exe windows x86
