General

  • Target

    1584-141-0x00000000001E0000-0x0000000000210000-memory.dmp

  • Size

    192KB

  • MD5

    4e871cf83a1ac3287259eb66ce744a51

  • SHA1

    23772e33a80b2879bb99e81e6145d423338148b8

  • SHA256

    0e5c0ab905b72ee70e56bc78450eb2c9e9296f70b3f9a80916bf246670474355

  • SHA512

    adfadca50f6b7c1f08f06b5d9a1817b42fb1bdcf6ce38ac33a1113e899fd5354ee74ad0ca79fc6c4ab5c728bbd9b44b6bb1aee8b278de0f7e7aa597e6519ba18

  • SSDEEP

    3072:21tDiwyqSVghBGfAGtTjxNKifvWPxne8e8hy:OibuhM5ZmnPxne

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes

  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1584-141-0x00000000001E0000-0x0000000000210000-memory.dmp
    .exe windows x86
    Headers

    Sections