General

  • Target

    216-1472-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    7e805c72443623e7952eca6b26b74b03

  • SHA1

    46b90c1d94d72b0a9058e63a0c2e946294703c64

  • SHA256

    457912eea2c225dca71af19bdd53521699f7d616f39a25963be042d012e9cab6

  • SHA512

    d95278a73a1d6616f832000f54d391f2654055815c67367b860bfa37d688334ec6c66066183741e99febbc4c2f6348f2d4b703c496a71a445af6d0d12767475f

  • SSDEEP

    1536:saLcnVHT1m/oTyNGK+fU/AkdmriFulz/hWjJ8bV7kfO2GOsYgibfbFDKsRC:pLcZZWOc/A95h5Q0imZYgafJlC

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

3006

C2

172.86.66.14:36114

Attributes
  • auth_value

    19d8b2c75880a16b7823c389f3e1b066

Signatures

  • Redline family
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • 216-1472-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86

