General

  • Target

    1252-125-0x0000000000400000-0x000000000042E000-memory.dmp

  • Size

    184KB

  • MD5

    d544833d44291c2d7d2443a81e33a340

  • SHA1

    8461f6eb228b882cf3b012d571d1947f4e2825b4

  • SHA256

    67423d50b59b417ee75ee0bac74a18a28805cf6cee5b2e686e96e3d32f12e8b1

  • SHA512

    0be38d766f540d70fd180e0ccad9f55456e8abf8596425633b5b94165e4f661dcd206233ebfc7ce2cc78ca7798d05d657f8edb3bb47490397b067a973bfb3977

  • SSDEEP

    1536:5aIRzICbajb+qhVZCGWDdmWPoQ8Wc94NiHjS4Z1oUg6TGqV4VWbuBNkqYvMd84wB:LsznuH8WcaN2jxsqV4cUK1vMdl8e8hJ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

metro

C2

83.97.73.127:19045

Attributes

  • auth_value

    f7fd4aa816bdbaad933b45b51d9b6b1a

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1252-125-0x0000000000400000-0x000000000042E000-memory.dmp
    .exe windows x86