Overview

overview

10

Static

static

10

628-117-0x...ry.exe

windows7-x64

628-117-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    628-117-0x00000000002E0000-0x0000000000310000-memory.dmp

  • Size

    192KB

  • MD5

    7a1d5224468058e7503e1d1296ba4064

  • SHA1

    245932148391d05c467ef05f5dec9bbee4e8f725

  • SHA256

    03b75b1706d1f75e9c3cb9791cbab7eb3a612bf6402b9a4ec17ef99d8127a353

  • SHA512

    6ffcaec2775f8c13ec9107d797fad3084dbb9fc332547594023940f4d5c1c265d0648b7bf3e23c780f4446abd3a65ff4b05140876b09d3e2e7d0356868a94712

  • SSDEEP

    3072:2otDiwyqSVghBGfAGtTjxNKifvWPxnu8e8hy:TibuhM5ZmnPxnu

Score
10/10
rovnoredline

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 628-117-0x00000000002E0000-0x0000000000310000-memory.dmp
    .exe windows x86


    Headers

    Sections