Overview

overview

10

Static

static

10

572-97-0x0...ry.exe

windows7-x64

572-97-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    572-97-0x0000000000260000-0x0000000000290000-memory.dmp

  • Size

    192KB

  • MD5

    708c608f57d02d520f1015537299538c

  • SHA1

    9a298577be970947527197affd540c0480652cdb

  • SHA256

    6a2ac80909bc2942d23c60b580837d1cdb19451a89b7715e6adcaa9168533458

  • SHA512

    7d5c2423352d49bb77fae8ca28aa4a1148e135d22925dc25f4e99197e4267bf0633c3d5665641af26f7172585d7daee03d8e3e0802721a858c379e26961e59bb

  • SSDEEP

    3072:2btDiwyqSVghBGfAGtTjxNKifvWPxnW8e8hy:kibuhM5ZmnPxnW

Score
10/10
rovnoredline

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 572-97-0x0000000000260000-0x0000000000290000-memory.dmp
    .exe windows x86


    Headers

    Sections