General

  • Target

    2420-133-0x00000000002A0000-0x00000000002D0000-memory.dmp

  • Size

    192KB

  • MD5

    b23a4717bacc7ace23b4a52c0d3bcd63

  • SHA1

    0d0e39bcac95c4902f1dd043492e9e62c8ce42de

  • SHA256

    ed46f13142fb7c10dc8ec016fd54261037f809dee4e56b8560455c2b767cedf9

  • SHA512

    f96a0b8071e57ec16fa4c34b4d47376a6e0bdb9876f855cac40fd77be0d9fc73ff18e236a697458a1be0b7ee776b2fba76910896871bbb516cd5ab99e8a939cb

  • SSDEEP

    3072:A+CgncfnivAgLNbcxNdydiyM4ROkme8e8hx:Av5hsKmM4ROkme

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

  • auth_value

    2d067e7e2372227d3a03b335260112e9

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2420-133-0x00000000002A0000-0x00000000002D0000-memory.dmp
    .exe windows x86