General

  • Target

    1568-142-0x0000000000280000-0x00000000002B0000-memory.dmp

  • Size

    192KB

  • MD5

    74d99fc5d6922c7570f07f11786066ee

  • SHA1

    f73e8a4ec030540d9b1892461995dad6d904f4ab

  • SHA256

    b758fd84a1996a060d6347b2001be8bd3caf2bfecf3676bf3eb32b784ca9fb99

  • SHA512

    5769d54b2af1233328d533708c4916a702de5f9accfedfba0db288bb8cf17be75ed9a53b09dcaa650ae0c586997168a5df0be3ac8a4587448197eff291b1f6ad

  • SSDEEP

    3072:2WtDiwyqSVghBGfAGtTjxNKifvWPxn88e8hy:5ibuhM5ZmnPxn8

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes

  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1568-142-0x0000000000280000-0x00000000002B0000-memory.dmp
    .exe windows x86