Overview

overview

10

Static

static

10

1268-54-0x...ry.exe

windows7-x64

1

1268-54-0x...ry.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

General

  • Target

    1268-54-0x0000000000300000-0x0000000000330000-memory.dmp

  • Size

    192KB

  • MD5

    cecd108d4693b819d1433b58e51b715e

  • SHA1

    f8bbd7c90deade8e0f2ec5a74b2a5e764aef5b98

  • SHA256

    54c70b6ace0452e48ade0a55e404b87f5b29343040f60e0950fd05f7af3d68a9

  • SHA512

    a3040e79b42162a4fe888b2a57712081bb01fb52293c7dbcc1104766123897bc5ae8ea81b4793b644685c65425c1a35e71d0669884542dfccdefdc274637d219

  • SSDEEP

    1536:ThbEey6y36sv0W7TDGOIrHuyk7xk2W5/uGxNFVYQffbuclGHQ4N0GkR38e8h3:TlEebE6Cyk9i5/uGxNMS3azNk8e8h3

Score
10/10
brunoredline

Malware Config

Extracted

Family

redline

Botnet

bruno

C2

83.97.73.134:19071

Attributes
  • auth_value

    b23e240c277e85ce9d49d6165c0a2b48

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1268-54-0x0000000000300000-0x0000000000330000-memory.dmp
    .exe windows x86


    Headers

    Sections