General

  • Target

    1116-141-0x0000000000260000-0x0000000000290000-memory.dmp

  • Size

    192KB

  • MD5

    a75ed2c3fc553c09e1c0411e2cbb9e54

  • SHA1

    6662ec2eb558bfbab09eb923ae4cae1417b24bfb

  • SHA256

    31e30497cf17db910821db36ad852e58a85a7440c67284636bd05cd62ccc0e06

  • SHA512

    57e62e5004e0edd08db67a3b54a2319e87e3929d487310c0c8e99e9403aea9a7ff9be692694b9ca67827ad03074c324d77e23f0d85c6cf927b48a2fc5e1b97b3

  • SSDEEP

    3072:2itDiwyqSVghBGfAGtTjxNKifvWPxnW8e8hy:VibuhM5ZmnPxnW

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1116-141-0x0000000000260000-0x0000000000290000-memory.dmp
    .exe windows x86
