General

  • Target

    1600-141-0x00000000001E0000-0x0000000000210000-memory.dmp

  • Size

    192KB

  • MD5

    208af219100c20e79f995e8425f09ddd

  • SHA1

    a6f93de82fa54c1a14640a764ae3bf0623e756a4

  • SHA256

    474636746b3683591edbf68da7bf767925172a6941107a883477aa61d0817452

  • SHA512

    b41889b622020a8071a649416d2332dfec47c4e5f3566770d00ffd9638a3a5080d43e444b50b4534ebb76f59967452467fc87f9049b0b60a6958280c2b952e4c

  • SSDEEP

    3072:2NtDiwyqSVghBGfAGtTjxNKifvWPxne8e8hy:GibuhM5ZmnPxne

Score

10/10

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes

  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1600-141-0x00000000001E0000-0x0000000000210000-memory.dmp
    .exe, Windows x86