General

  • Target

    1412-126-0x00000000000B0000-0x00000000000DE000-memory.dmp

  • Size

    184KB (0x2E000 = 188,416 bytes, the full 0xB0000-0xDE000 region named in the target)

  • MD5

    d4d59fc43c4c37be545aa0d3fe489dc0

  • SHA1

    c4c90765ba5452978c205bc7ce9e2f614f881160

  • SHA256

    50ad427208ba7727c34084a63e02f00e5ae0bf35ea9a0b89d4498b3615e8c475

  • SHA512

    cca5d6d2a799e8bd4c0d2733b80e0083660163785a42d7bbf68e41ccb381e526cc10fe27e71323767ec063372581b3def20314d7c283d9b3adbdd95aa5558174

  • SSDEEP

    1536:UTXbeqhVZCGW+WEVPhq8Wg8fnv5RCNTGqVYFWbuME0aQ5ZDr/e84wYkV8e8hH:MLXWb8WgMv75qVYsKaZDr/eA8e8hH
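The target name encodes where this dump came from. Added example (not part of the report or the sandbox's own tooling): a small Python parser for that name, assuming the scheme `<pid>-<counter>-<start>-<end>-memory.dmp`, which the page does not document, and a cross-check of the region length against the reported 184KB. It also flags regions that are not page aligned, which would point at a truncated or hand-edited dump.

```python
import re

# Constructed input: the target name exactly as printed in the report.
DUMP_NAME = "1412-126-0x00000000000B0000-0x00000000000DE000-memory.dmp"
REPORTED_SIZE_KB = 184
PAGE_SIZE = 0x1000

# Assumed naming scheme (not documented on the page):
#   <pid>-<counter>-0x<start>-0x<end>-memory.dmp
DUMP_RE = re.compile(
    r"^(?P<pid>\d+)-(?P<seq>\d+)-"
    r"0x(?P<start>[0-9A-Fa-f]{16})-0x(?P<end>[0-9A-Fa-f]{16})-memory\.dmp$"
)


def parse_dump_name(name):
    """Split a dump file name into pid, sequence number, region bounds and size."""
    m = DUMP_RE.match(name)
    if not m:
        raise ValueError("unrecognised dump name: %r" % name)
    start = int(m["start"], 16)
    end = int(m["end"], 16)
    if end <= start:
        raise ValueError("region end 0x%x is not above start 0x%x" % (end, start))
    return {
        "pid": int(m["pid"]),
        "seq": int(m["seq"]),
        "start": start,
        "end": end,
        "size": end - start,
        # Process regions are page granular; anything else means the dump is partial.
        "page_aligned": start % PAGE_SIZE == 0 and end % PAGE_SIZE == 0,
    }


def region_matches_reported_size(name, reported_kb):
    """True when the dumped region length equals the size the report lists (KB = 1024 bytes)."""
    return parse_dump_name(name)["size"] == reported_kb * 1024


if __name__ == "__main__":
    info = parse_dump_name(DUMP_NAME)
    print("pid %d, region 0x%x-0x%x, %d bytes, page aligned: %s"
          % (info["pid"], info["start"], info["end"], info["size"], info["page_aligned"]))
    print("size matches report:", region_matches_reported_size(DUMP_NAME, REPORTED_SIZE_KB))
```

If the size ever disagrees with the name, treat the hashes above as covering a different artifact than the one described, and re-dump before extracting configuration from it.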

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

metro

C2

83.97.73.126:19046

Attributes
  • auth_value

    f7fd4aa816bdbaad933b45b51d9b6b1a

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
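The "Unsigned PE" signature above fires when the Authenticode data directory is absent. Added example, written here and not taken from the sandbox or the report: a stand-alone Python check of the IMAGE_DIRECTORY_ENTRY_SECURITY entry, run against constructed minimal PE32 headers rather than the dump on this page. It also shows the caveat that matters for a memory dump: the security directory holds a raw file offset into the overlay, which the loader never maps, so a signed binary dumped from memory still carries the directory entry but not the certificate bytes, and an "unsigned" verdict on a dump says little about the file on disk. The WIN_CERTIFICATE stub below is a placeholder header, not a real signature.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # index of the attribute certificate table
HEADER_LEN = 64 + 24 + 224          # DOS header + PE signature/COFF + PE32 optional header


def security_directory(pe_bytes):
    """Return (file_offset, size) of the certificate table, or None if the header has none."""
    if pe_bytes[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", pe_bytes, 0x3C)[0]
    if pe_bytes[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    size_opt = struct.unpack_from("<H", pe_bytes, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", pe_bytes, opt)[0]
    if magic == 0x10B:        # PE32: data directories start at optional header offset 96
        dd_off = opt + 96
    elif magic == 0x20B:      # PE32+: offset 112
        dd_off = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    num_dirs = struct.unpack_from("<I", pe_bytes, dd_off - 4)[0]  # NumberOfRvaAndSizes
    entry = dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + size_opt:
        return None
    offset, size = struct.unpack_from("<II", pe_bytes, entry)
    return None if offset == 0 or size == 0 else (offset, size)


def is_unsigned(pe_bytes):
    """The sandbox-style check: no security directory at all."""
    return security_directory(pe_bytes) is None


def certificate_present(pe_bytes):
    """Stricter check: the directory points at an in-bounds WIN_CERTIFICATE (rev 0x200, PKCS#7)."""
    d = security_directory(pe_bytes)
    if d is None:
        return False
    offset, size = d
    if size < 8 or offset + size > len(pe_bytes):
        return False   # typical for a memory dump: entry survives, overlay does not
    length, revision, cert_type = struct.unpack_from("<IHH", pe_bytes, offset)
    return length <= size and revision == 0x0200 and cert_type == 0x0002


def build_pe32_header(security=(0, 0)):
    """Constructed minimal x86 PE32 header with the given security directory entry."""
    hdr = bytearray(HEADER_LEN)
    hdr[0:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 64)                      # e_lfanew
    struct.pack_into("<4sHHIIIHH", hdr, 64, b"PE\0\0", 0x14C,  # IMAGE_FILE_MACHINE_I386
                     0, 0, 0, 0, 224, 0x0102)                  # SizeOfOptionalHeader, Characteristics
    opt = 64 + 24
    struct.pack_into("<H", hdr, opt, 0x10B)                    # PE32 magic
    struct.pack_into("<I", hdr, opt + 92, 16)                  # NumberOfRvaAndSizes
    struct.pack_into("<II", hdr, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security)
    return bytes(hdr)


def stub_certificate(payload=b"\x00" * 8):
    """Placeholder WIN_CERTIFICATE header only; a real one carries a PKCS#7 SignedData blob."""
    return struct.pack("<IHH", 8 + len(payload), 0x0200, 0x0002) + payload


# Constructed samples: an unsigned image, a signed image as it looks in a memory dump
# (directory entry set, overlay missing), and the same image as it looks on disk.
UNSIGNED = build_pe32_header()
CERT = stub_certificate()
SIGNED_DUMPED = build_pe32_header(security=(HEADER_LEN, len(CERT)))
SIGNED_ON_DISK = SIGNED_DUMPED + CERT

if __name__ == "__main__":
    for label, data in (("unsigned", UNSIGNED), ("signed, dumped", SIGNED_DUMPED),
                        ("signed, on disk", SIGNED_ON_DISK)):
        print("%-16s unsigned=%s certificate_present=%s"
              % (label, is_unsigned(data), certificate_present(data)))
```

Use `is_unsigned` to reproduce the report's verdict and `certificate_present` to decide whether the dump can even be checked; to actually validate a signature you still need the PKCS#7 parsing and chain verification this stub leaves out.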

Files

  • 1412-126-0x00000000000B0000-0x00000000000DE000-memory.dmp
    .exe windows x86
