General

  • Target

    1948-55-0x0000000000FB0000-0x000000000184C000-memory.dmp

  • Size

    8.6MB

  • MD5

    f26c0dbe9a9f79ba6cb5d31e7d01247e

  • SHA1

    1397401f334612680adb698bbd685bc77ba13867

  • SHA256

    3a85b5bccbc4645da3c39bcb35ff5dc446dc398a8951139a365823aec037c8eb

  • SHA512

    86236d21cb72f72d84fe5f4001caa15fc0e0e00b3ab115aab36d586f94b0d1efb9dc6e8bd7a3821396874243479386f2b5f8c7befce60f246bd38d19eaa9ef2b

  • SSDEEP

    196608:OfN1RjOTLNTyC4GiPJMVX1DvWJhm6lq6pKKWMkCXwwpB:SYOC4/P25MDdDJkCXtpB

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

YG Muar

C2

80.89.229.34:21712

Attributes

  • auth_value

    f9c5b722d29df0056887f2623e349c54

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1948-55-0x0000000000FB0000-0x000000000184C000-memory.dmp
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744