Overview

overview

10

Static

static

10

2008-123-0...ry.exe

windows7-x64

2008-123-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2008-123-0x00000000002C0000-0x00000000002F0000-memory.dmp

  • Size

    192KB

  • MD5

    eee3928a347dd1d0ca0032a78e15685c

  • SHA1

    e764214ff0b8515902fe714324cd8b4bf163ef9f

  • SHA256

    d85f80acefde8ae0b69df783cd7c83bffa23192c325bac4e9df17690a8e03f0c

  • SHA512

    64b15ec4db870bdb7affbeff15cb22464030b1e71738f202ce23f42e0edb98108ed090849cd0bf882f40a1b938edcb6c27fc63836a0b4bf9dbb5ab217c04ddd1

  • SSDEEP

    3072:/nOrlpyS3xp5xN1yJ/4BMzxUdE/E8e8h+:/Of7flBMzxUdE/E

Score
10/10
narkoredline

Malware Config

Extracted

Family

redline

Botnet

narko

C2

83.97.73.134:19071

Attributes
  • auth_value

    a9d8c6db81c7e486f5832bc2ee48cb84

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2008-123-0x00000000002C0000-0x00000000002F0000-memory.dmp
    .exe windows x86


    Headers

    Sections