General

  • Target

    1492-83-0x0000000000260000-0x0000000000290000-memory.dmp

  • Size

    192KB

  • MD5

    70eb0fa40c687e22f782c3dd46bf96e4

  • SHA1

    1b728d8bfa0bd4b5a1c2385da25f7d842b07066c

  • SHA256

    18df04d31b556afa35e8cc21973b212697fe6ecf6cd427a813e82a756546ad2b

  • SHA512

    c2a8077a16e7b6867e1e97be8946050d2e24530d3faa828e10e04ecf7656ec7edfedeecf77b8e6bbcbb98217a090958317b6622852a5a0d8437f6e9e5541d8b7

  • SSDEEP

    1536:thbEey6y36sv0W7TDGOIrHuyk7xk2W5/uGxNFVYQffbuclGHQ4N0GkRB8e8h3:tlEebE6Cyk9i5/uGxNMS3azNG8e8h3

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

bruno

C2

83.97.73.134:19071

Attributes
  • auth_value

    b23e240c277e85ce9d49d6165c0a2b48

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1492-83-0x0000000000260000-0x0000000000290000-memory.dmp
    .exe windows x86

