General

  • Target

    1168-83-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    4507e6482ed866e5021c8c0b51311f98

  • SHA1

    928989d34801a07739099d41b572563eef49c624

  • SHA256

    575116a7829ac2b381dfec130c123d3e51e35c3dc134169dca75470e22b8f9dd

  • SHA512

    fcb437880b45c857a1f76a5fbc0aa4b310d37c012db008f9eb7e4a66bbe2239f07a2bcabf65008fc5ee6cc297bfb42a4333e116243bfd4092934970332e27767

  • SSDEEP

    1536:+aGcnVHT1u/oP4Jq++fKSa+31FD/+DfvcVNhmLjf+bV7G/Os3:LGcZZYKiSaQLmDYnmnKMG

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

260623_rc_11

C2

rcn.tuktuk.ug:11285

Attributes
  • auth_value

    581316711d55c9f5b64b0a261536334f

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1168-83-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86

