Overview

overview

10

Static

static

10

1456-97-0x...ry.exe

windows7-x64

1456-97-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1456-97-0x0000000000260000-0x0000000000290000-memory.dmp

  • Size

    192KB

  • MD5

    d4bc321181e5b9ec49ba5b15b4e7bbf8

  • SHA1

    f59e39239de2bd46457333fde45edfc18aff261b

  • SHA256

    fc239b69f9e0c381fede060f2982091c287b2c1092c7adc96e286fdc26f77c4b

  • SHA512

    a99ed810258de0e952ad6a2b692669b619ea0fac1426693df1127ad940bc1edcd4e86db8ff85e127adc8e8a61e46906e332c48908731ea2f8ad70e6aa2bf14ef

  • SSDEEP

    3072:2QtDiwyqSVghBGfAGtTjxNKifvWPxnW8e8hy:7ibuhM5ZmnPxnW

Score
10/10
rovnoredline

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1456-97-0x0000000000260000-0x0000000000290000-memory.dmp
    .exe windows x86


    Headers

    Sections