General

  • Target

    1620-141-0x0000000000300000-0x0000000000330000-memory.dmp

  • Size

    192KB

  • MD5

    c58b8a82bf9ae4711c361802747d8a98

  • SHA1

    629abe6a48ca9949c1c846d6d70d7777ad39be69

  • SHA256

    ccf2884d1a35ea5fcc6623a180ee938a56f79e837968f63ff2b655242391cc42

  • SHA512

    34dd4ec658ee7a2e91f98da13522955fabd06e56225fddd2f12aa3f431abed26fb9b264142227452821b9124be073a8f360299677c8f69d82da9380e72728036

  • SSDEEP

    3072:2vtDiwyqSVghBGfAGtTjxNKifvWPxn08e8hy:YibuhM5ZmnPxn0

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1620-141-0x0000000000300000-0x0000000000330000-memory.dmp
    .exe windows x86
    Headers

    Sections