Overview

overview

10

Static

static

10

1824-97-0x...ry.exe

windows7-x64

1824-97-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1824-97-0x0000000000260000-0x0000000000290000-memory.dmp

  • Size

    192KB

  • MD5

    674e050babdb85f93aa02eb1882bbebb

  • SHA1

    5fb7c6d779abdbcc561a1d3bf4a0d678ff8dc68e

  • SHA256

    adf6840c66304291215e5f4566c93d0a84d40d2f6f0d8d9bd587e6e451bb141c

  • SHA512

    e0374687e71323a4b11276e5aacb2dd12e2666577de99afb66f15e47718b9f5952f4befbac1ddc44e16f7becca727b34d71699814bb43ff661b609f6c2ca987f

  • SSDEEP

    1536:ob1dH8Hd36sv0W7T6QJ3rH3yk0I8pDUm46Z92kwk4XNBjkuv23Wfr1zaRXDxv6Vy:ob3KDlRy38i00xNKe/Jq7Bocly8e8hy

Score
10/10
crazyredline

Malware Config

Extracted

Family

redline

Botnet

crazy

C2

83.97.73.129:19068

Attributes
  • auth_value

    66bc4d9682ea090eef64a299ece12fdd

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1824-97-0x0000000000260000-0x0000000000290000-memory.dmp
    .exe windows x86


    Headers

    Sections