Overview

overview

10

Static

static

10

596-97-0x0...ry.exe

windows7-x64

596-97-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    596-97-0x00000000001E0000-0x0000000000210000-memory.dmp

  • Size

    192KB

  • MD5

    bbeaf57fdac811d0260388b4e07d7363

  • SHA1

    2d9a39aed12e9c00848a17cd03cffb3c8c925f25

  • SHA256

    f8e3966b0d874b760f01b6d5d76e8e160c58822cf97dda190e85da1bdd960172

  • SHA512

    5591abaf8f3881ed2587cb851ba63ee71e62c24aa110efe4c459b01d4a6695cd519894afa05ec05c068138cca89e3f8c1f0ee1f3cb051530db3ce809337b4336

  • SSDEEP

    3072:2ztDiwyqSVghBGfAGtTjxNKifvWPxne8e8hy:8ibuhM5ZmnPxne

Score
10/10
rovnoredline

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 596-97-0x00000000001E0000-0x0000000000210000-memory.dmp
    .exe windows x86


    Headers

    Sections