General

  • Target

    320-142-0x0000000000290000-0x00000000002C0000-memory.dmp

  • Size

    192KB

  • MD5

    fc97f19ba953ec5fa114f80fab583607

  • SHA1

    2a59234260cb34f1d8e4f0ef6dd79849eba2fb61

  • SHA256

    8289b1f2c5b5118d8a78ae7a440715aef2d1458e43a57c5674000203980ae5ad

  • SHA512

    9de34693c1fb0c2f3837d461f57c293704d88d5975023edb324dabb867d31a3a9e817126784a4010ecb1bc6322830c8839bb237103aff6db8a314509eea276b8

  • SSDEEP

    3072:2LtDiwyqSVghBGfAGtTjxNKifvWPxnX8e8hy:0ibuhM5ZmnPxnX

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
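The "Unsigned PE" hit is a header check: the optional header's data directory has a Certificate Table entry (index 4), and an image that was never signed has that entry zeroed. The following Python is an added example, not the sandbox's own detection code, that reads the entry from a PE32 or PE32+ header and classifies the image. It also covers the caveat that matters for a target like this one, a dump of the mapped image: the certificate is an overlay addressed by raw file offset, Windows does not map it, so a dump of a signed binary still carries only the directory entry and not the signature bytes. The function names, the constructed minimal PE and the fake WIN_CERTIFICATE blob are assumptions made here for illustration; "signed" below means a well-formed certificate table is present, not that the PKCS#7 chain verifies.

```python
import struct
from typing import Optional, Tuple

IMAGE_DIRECTORY_ENTRY_SECURITY = 4       # data-directory index of the Certificate Table
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # Authenticode signatures are PKCS#7 SignedData


def security_directory(data: bytes) -> Tuple[int, int]:
    """Return (file_offset, size) of the Certificate Table named in the optional header.

    Unlike every other data directory, this entry holds a raw file offset, not an
    RVA: the signature is an overlay after the last section and is never mapped
    into process memory. Raises ValueError for a buffer that is not a PE header.
    """
    try:
        if data[:2] != b"MZ":
            raise ValueError("missing MZ header")
        e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
        if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            raise ValueError("missing PE signature")
        coff = e_lfanew + 4
        size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
        opt = coff + 20
        magic = struct.unpack_from("<H", data, opt)[0]
        if magic == PE32_MAGIC:
            nrva_off, dir_off = opt + 92, opt + 96
        elif magic == PE32PLUS_MAGIC:
            nrva_off, dir_off = opt + 108, opt + 112
        else:
            raise ValueError(f"unknown optional header magic {magic:#x}")
        n_dirs = struct.unpack_from("<I", data, nrva_off)[0]
        entry = dir_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
        if n_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + size_of_optional:
            return 0, 0                      # directory too short to carry the entry
        return struct.unpack_from("<II", data, entry)
    except struct.error as exc:              # buffer ended inside a header field
        raise ValueError("truncated PE header") from exc


def authenticode_status(data: bytes) -> str:
    """Classify a PE image as 'unsigned', 'stripped', 'malformed' or 'signed'.

    'stripped' means the header advertises a Certificate Table whose bytes are not
    in this buffer, which is what a dump of the mapped image looks like even when
    the file on disk is signed. A dump can therefore only prove that the directory
    entry is absent, never that a valid signature is present.
    """
    offset, size = security_directory(data)
    if offset == 0 or size == 0:
        return "unsigned"
    if offset + size > len(data):
        return "stripped"
    if size < 8:
        return "malformed"
    # WIN_CERTIFICATE header: dwLength, wRevision, wCertificateType
    length, _revision, cert_type = struct.unpack_from("<IHH", data, offset)
    if length > size or cert_type != WIN_CERT_TYPE_PKCS_SIGNED_DATA:
        return "malformed"
    return "signed"                          # table is well-formed; chain is not verified here


# Constructed test input (assumption): a fake WIN_CERTIFICATE with 8 bytes of filler
# in place of the PKCS#7 blob. dwLength counts the 8-byte header as well.
FAKE_CERT = struct.pack("<IHH", 16, 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + b"\x30\x06\x02\x01\x01\x05\x00\x00"


def build_sample_pe(cert: Optional[bytes]) -> bytes:
    """Constructed minimal PE32 header with no sections, used only as sample input."""
    opt = bytearray(224)                     # PE32 optional header with all 16 data directories
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)      # NumberOfRvaAndSizes
    headers_len = 0x40 + 4 + 20 + len(opt)   # certificate overlay starts right after the headers
    if cert is not None:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, headers_len, len(cert))
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, len(opt), 0x0102)  # i386, no sections
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + (cert or b"")


if __name__ == "__main__":
    signed = build_sample_pe(FAKE_CERT)
    print("never signed :", authenticode_status(build_sample_pe(None)))
    print("signed file  :", authenticode_status(signed))
    print("memory dump  :", authenticode_status(signed[:312]))  # overlay lost, as in a mapped image
```

Run against a real file with `authenticode_status(open(path, "rb").read())`. An "unsigned" result on a dump like the target above is a meaningful IoC; a "stripped" result is not, and the on-disk sample should be checked instead.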

Files

  • 320-142-0x0000000000290000-0x00000000002C0000-memory.dmp
    .exe windows x86
