Overview

overview

10

Static

static

10

1928-123-0...ry.exe

windows7-x64

1928-123-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1928-123-0x00000000003C0000-0x00000000003F0000-memory.dmp

  • Size

    192KB

  • MD5

    090ac4224858f138ab4f4319cc4ab217

  • SHA1

    bef9c3d751f95338fc14b36e8c6ae2cf14f41532

  • SHA256

    92d1b6e40cc12c4d3cc44d154509d57ee5b93c7163b1ebc47566b80c09a0bcee

  • SHA512

    9075917445aacec5000dd161cab8e4dc8b0fad1a8d027c9f1a6bcb42304c72502265a9ad05ae26f96a744d3cb91fcb984c9f481b0daade26918a9262f28abffe

  • SSDEEP

    3072:xnOrlpyS3xp5xN1yJ/4BMzxUdE/U8e8h+:xOf7flBMzxUdE/U

Score
10/10
narkoredline

Malware Config

Extracted

Family

redline

Botnet

narko

C2

83.97.73.134:19071

Attributes
  • auth_value

    a9d8c6db81c7e486f5832bc2ee48cb84

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1928-123-0x00000000003C0000-0x00000000003F0000-memory.dmp
    .exe windows x86


    Headers

    Sections