Overview

overview

10

Static

static

10

292-97-0x0...ry.exe

windows7-x64

292-97-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    292-97-0x0000000000260000-0x0000000000290000-memory.dmp

  • Size

    192KB

  • MD5

    511a8d52a3b92e749de060922bdf0187

  • SHA1

    dedc78adc928c598ebaf3ed0c864e3dc1b654718

  • SHA256

    31de6f87bf5912a362c0268f1b7f96054d4d1a50af0544960383c7e88f5c652c

  • SHA512

    96fcfa56056ff2b65e064ec58b8a87cc79564ad53d324983390c83c3d32f6d00e01e6def30b91368c5bd32b770b862d6a12806296fe86856e1febfbaf356a76a

  • SSDEEP

    3072:2RtDiwyqSVghBGfAGtTjxNKifvWPxnW8e8hy:qibuhM5ZmnPxnW

Score
10/10
rovnoredline

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 292-97-0x0000000000260000-0x0000000000290000-memory.dmp
    .exe windows x86


    Headers

    Sections