Overview

overview

10

Static

static

10

1968-125-0...ry.exe

windows7-x64

1968-125-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1968-125-0x00000000000B0000-0x00000000000DE000-memory.dmp

  • Size

    184KB

  • MD5

    eb09d17434fcfd70146d88a8758ba6b2

  • SHA1

    073701d96933f421db5a54aa7ada13cc3f5a5ded

  • SHA256

    538fea5bf09d78132776bbec19f6f8a1a9ea5d40f42f154c240f9fcd9071407b

  • SHA512

    273a6534863137b171fc6e071831d36b152802a7eef0635b0278dfc24b211f49c4fea01a09b3530b39bf51080d9e8917c0baf410fe29d859de3dc1e87ae96073

  • SSDEEP

    3072:G0zS/8Wu8x0E/wG7GGXTm7qVGMrKzC5k788e8ht:/zv8tIG7GGXq7t9C5k78

Score
10/10
rockerredline

Malware Config

Extracted

Family

redline

Botnet

rocker

C2

83.97.73.127:19045

Attributes
  • auth_value

    b4693c25843b5a1c7d63376e73e32dae

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1968-125-0x00000000000B0000-0x00000000000DE000-memory.dmp
    .exe windows x86


    Headers

    Sections