Overview

overview

10

Static

static

10

4388-326-0...ry.exe

windows7-x64

1

4388-326-0...ry.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4388-326-0x0000000000470000-0x00000000004A0000-memory.dmp

  • Size

    192KB

  • Sample

    230613-zderlsbg68

  • MD5

    cba3e9c78fd0abdec319a74f4cc1e216

  • SHA1

    f96196b86a1208931c26a836b124531e4c0c0484

  • SHA256

    f29801ca6ba9174e18510421f0071e316a08ec8d0584e0c3d1fc559f18581400

  • SHA512

    2f2316b3e74fab9b9007862540a5fff491098e65dc8b1906fae1ccc97cc95628de3aed318c75dbcc7f3b856006b15f1e170e3bc90936e2b7c99f3fa885212a99

  • SSDEEP

    3072:N2hSAvhX53QxExS1efpxNkON9j8aS8e8hS:I7AEwYfma8aS

Score
10/10
redlinegemormicrosoftphishing

Malware Config

Extracted

Family

redline

Botnet

gemor

C2

83.97.73.129:19068

Attributes
  • auth_value

    00674604fada5400e22795cbca610e16

Targets

    • Target

      4388-326-0x0000000000470000-0x00000000004A0000-memory.dmp

    • Size

      192KB

    • MD5

      cba3e9c78fd0abdec319a74f4cc1e216

    • SHA1

      f96196b86a1208931c26a836b124531e4c0c0484

    • SHA256

      f29801ca6ba9174e18510421f0071e316a08ec8d0584e0c3d1fc559f18581400

    • SHA512

      2f2316b3e74fab9b9007862540a5fff491098e65dc8b1906fae1ccc97cc95628de3aed318c75dbcc7f3b856006b15f1e170e3bc90936e2b7c99f3fa885212a99

    • SSDEEP

      3072:N2hSAvhX53QxExS1efpxNkON9j8aS8e8hS:I7AEwYfma8aS

    Score
    5/10
    microsoftphishing
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks