General

  • Target: 1604-142-0x0000000000280000-0x00000000002B0000-memory.dmp
  • Size: 192KB
  • MD5: 21ba40c91a10155c7064b1f8d9558367
  • SHA1: 280d736dd4813a426583c26650bef820339b598f
  • SHA256: 2c628cc41b9abbc056aa766d091cc5a704ca6d6777ac9ba6f643cc9447675f60
  • SHA512: 037df12651b056f25df6c5e977771b652a4a9a90b00411ab38fdca843daa4ef3dd2f50ba6fba81794dea43d4e7b2f92b5d086f74d5be909151d41b66828b24f1
  • SSDEEP: 3072:2QtDiwyqSVghBGfAGtTjxNKifvWPxn88e8hy:ribuhM5ZmnPxn8

Score: 10/10

Malware Config

Extracted

  • Family: redline
  • Botnet: rovno
  • C2: 83.97.73.130:19061
  • Attributes
    • auth_value: 88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
  • Unsigned PE (1 IoC): checks for a missing Authenticode signature.

Files

  • 1604-142-0x0000000000280000-0x00000000002B0000-memory.dmp (.exe, windows, x86)
