General

  • Target

    4992-232-0x00000000001C0000-0x00000000001EA000-memory.dmp

  • Size

    168KB

  • MD5

    299627e7ca50d6e60c095f0e47dd8005

  • SHA1

    ca378adf15b88fa3264d0c5cccb91c69fe039e8d

  • SHA256

    bed3519a6c6e147b23d465e6512a5fe7556cee7a497cae6fe8fe79698269f84b

  • SHA512

    a8d0e672e721e9d499215b03fc1b432094ae61b6535a78c829cf53b060e64287919d0f24ede30c73a8039cc7afabf10e2789342e53e6887ad47d8aaa775fae9a

  • SSDEEP

    3072:bV+m5c/QmRSNp2Tm1bENx3Gh6Zp8e8hU:bj2w+nGh6z

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

greg

C2

83.97.73.122:19062

Attributes
  • auth_value

    4c966a90781c6b4ab7f512d018696362

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4992-232-0x00000000001C0000-0x00000000001EA000-memory.dmp
    .exe windows x86

