General

  • Target

    1564-141-0x0000000000300000-0x0000000000330000-memory.dmp

  • Size

    192KB

  • MD5

    c5e899f048e46e6b91f3352dc2a7a259

  • SHA1

    9e10aba1f3b7735e4ffb5aceb1370d74c83f24ad

  • SHA256

    e9c5fbb256ed534cea0716038da5dcb463b9bb20e22397feb6a6b74ba23ceee5

  • SHA512

    33459a3be31b9fe67fc6499ccdb15d408a987c4a7df91507f4b9ea520fe70a48fd31508b916661f53ad0284e01508ef0af9bf59ded1eff94d97d4cdb1eeb12e0

  • SSDEEP

    3072:2jtDiwyqSVghBGfAGtTjxNKifvWPxn08e8hy:MibuhM5ZmnPxn0

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes

  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1564-141-0x0000000000300000-0x0000000000330000-memory.dmp
    .exe windows x86