General

  • Target

    1284-113-0x00000000002C0000-0x00000000002F0000-memory.dmp

  • Size

    192KB

  • MD5

    a3212580dea07c5cc6f4004296b3fc7a

  • SHA1

    4e6d6413f064a52327c1cbb433facf78a477e9b3

  • SHA256

    0f38f44303f3dd20078510931839fac1b3412769cc4a6782056b4bb5d7037780

  • SHA512

    8f31b5c8f97ca91f2d79a5f8afcf239fed232f4d90b4b5216048ba50b96adfe77fc19db9919a88c5a2bcf5fdd2a410238fca9babcdeca5f0b32a81369099b85d

  • SSDEEP

    3072:gnOrlpyS3xp5xN1yJ/4BMzxUdE/E8e8h+:gOf7flBMzxUdE/E

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

narko

C2

83.97.73.134:19071

Attributes

  • auth_value

    a9d8c6db81c7e486f5832bc2ee48cb84

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1284-113-0x00000000002C0000-0x00000000002F0000-memory.dmp
    .exe windows x86