General

  • Target

    1096-54-0x0000000000260000-0x0000000000290000-memory.dmp

  • Size

    192KB

  • MD5

    004793c10b60d9697485e966457b0647

  • SHA1

    247f2cb6c50bacbe0e221ecfd88bd0b6630df6d3

  • SHA256

    1d1b1d3d13b0b78a5629436ca10997c8f99388ef65ad780d678bdf700ea44ff3

  • SHA512

    4f3311a21ffa35f8f2bd0f073744a31cbb6b75623a579ab854575b03d677207adcd67ed10fba87f22f05462d520c1884cdba3576e88242e9be636027ec868d00

  • SSDEEP

    3072:2ntDiwyqSVghBGfAGtTjxNKifvWPxnW8e8hy:kibuhM5ZmnPxnW

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1096-54-0x0000000000260000-0x0000000000290000-memory.dmp
    .exe windows x86

