Overview

overview

10

Static

static

10

856-97-0x0...ry.exe

windows7-x64

856-97-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    856-97-0x00000000002D0000-0x0000000000300000-memory.dmp

  • Size

    192KB

  • MD5

    8fdbd0b6248a29be4fd99a1b8a259129

  • SHA1

    36d0cb031118b743c7c1cca45c4918ebb5d42c39

  • SHA256

    dce4d766677b9231de634b70248fc0ced50c4736e61da6f9e0fd7c8991b667b7

  • SHA512

    e6e9fcbdfeb77603ff5c36fc70fe1c2b3d8e27ba6ab33eacbf83fade8fb70a293788eb50c11218108d26cf6ce210b701aba6fd862bafd10362b4300175573115

  • SSDEEP

    3072:29tDiwyqSVghBGfAGtTjxNKifvWPxnb8e8hy:WibuhM5ZmnPxnb

Score
10/10
rovnoredline

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 856-97-0x00000000002D0000-0x0000000000300000-memory.dmp
    .exe windows x86


    Headers

    Sections