General

  • Target

    1320-54-0x00000000001C0000-0x00000000001F0000-memory.dmp

  • Size

    192KB

  • MD5

    27fbbbcfe073520bab2f86247dc6fed9

  • SHA1

    422f9371dfef54cc3a503bcb78c174f38083d0d5

  • SHA256

    bc0c6902da2f74ce57beaa7bf0e631b42b0580c22456b75e7f35759873be5993

  • SHA512

    8066ce161080ae85656580b86652da32f76ab9d36a7bc605b4d3f0c41b848c31fdf5e147f3b69a67323c0d30eb0d193593a419a845626618e5cb192c950164b8

  • SSDEEP

    1536:xbuR0C10WqlVZRGWyuHrTog/XzMXMQ8ys88888888888888888888888g888888X:IR0feoog/ZpyqVEUCidWT8F98e8hQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

lux3

C2

176.123.9.142:14845

Attributes
  • auth_value

    e94dff9a76da90d6b000642c4a52574b

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1320-54-0x00000000001C0000-0x00000000001F0000-memory.dmp
    .exe windows x86

