General

  • Target

    1428-141-0x0000000000250000-0x0000000000280000-memory.dmp

  • Size

    192KB

  • MD5

    c9889f37748c482f38892927130cb83d

  • SHA1

    8b410f71503a17915bbaa873dc88662294fcc63b

  • SHA256

    39160e3fb694d088fb13892b87b2ad2f2f18b922574b3574b3f51ffd344542bf

  • SHA512

    88522f0dc899716e0fa247f4b53403591485989031b4072d30878b5fa101f852168167b54bdff33074fb939bc7a708c8d168f58d09a19fc8c12d27ef63380d82

  • SSDEEP

    3072:2MtDiwyqSVghBGfAGtTjxNKifvWPxnD8e8hy:XibuhM5ZmnPxnD

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1428-141-0x0000000000250000-0x0000000000280000-memory.dmp
    .exe windows x86