Overview

overview

10

Static

static

10

1448-97-0x...ry.exe

windows7-x64

1448-97-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1448-97-0x0000000000260000-0x0000000000290000-memory.dmp

  • Size

    192KB

  • MD5

    9b54fd010bb3f63fabb6437723572793

  • SHA1

    4095a648d517b20e9c57811f5641dab1f7691fd3

  • SHA256

    834a4c7acda73fa887df9c7b7a3beaf70cebc95a7f651e1e84aa08e7cf483e05

  • SHA512

    4024f095f8c520b278b3ed87dfb11d0dc8ef339106025ad9d3b8aa0e48bb2e8c19404bc66ca470e8d208f683e33dba96292d126122875fe99254c3824b0d0458

  • SSDEEP

    3072:22tDiwyqSVghBGfAGtTjxNKifvWPxnW8e8hy:ZibuhM5ZmnPxnW

Score
10/10
rovnoredline

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1448-97-0x0000000000260000-0x0000000000290000-memory.dmp
    .exe windows x86


    Headers

    Sections