General

  • Target

    880-141-0x00000000002D0000-0x0000000000300000-memory.dmp

  • Size

    192KB

  • MD5

    0ccb2f0b5e1241994d2eec8de4a6055d

  • SHA1

    066e1fcd77575d70fc2bb4dffcab6fc7f43e26c1

  • SHA256

    a0aea3ef2457a0a8901cd509266eecd7e9f52e1fd44f9a5f88e080f61468b3df

  • SHA512

    66f476ad404b12a71c9cd0d7829696632c2769d49198df42eab1517c007051be9ec5cabd240b0f0a986d74d6948111228a794f477558e3df7eace02ae74abbd6

  • SSDEEP

    3072:2atDiwyqSVghBGfAGtTjxNKifvWPxnb8e8hy:tibuhM5ZmnPxnb

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes

  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 880-141-0x00000000002D0000-0x0000000000300000-memory.dmp
    .exe windows x86
