Overview

overview

10

Static

static

10

1868-211-0...ry.exe

windows7-x64

1868-211-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1868-211-0x0000000000260000-0x0000000000290000-memory.dmp

  • Size

    192KB

  • MD5

    bffd5c64252f6895b511a7b20544b59b

  • SHA1

    a82c367217f010b070ac8f88e5a358257e1b161b

  • SHA256

    0178b0bf3607e65fc36e929775c8676791dccd2e7559ce8c85846b5fc1301199

  • SHA512

    0b5a6f7b530e5b82357ec84800a34d487aa24fcc8bcd5fd395343a9b43dbb0c5e34b57c5a38c835f2be605a97962a30e8369fdaf3ecb6382e87bf9f4fd2105a3

  • SSDEEP

    3072:2MtDiwyqSVghBGfAGtTjxNKifvWPxnW8e8hy:XibuhM5ZmnPxnW

Score
10/10
rovnoredline

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1868-211-0x0000000000260000-0x0000000000290000-memory.dmp
    .exe windows x86


    Headers

    Sections