General

  • Target

    1692-122-0x0000000000270000-0x00000000002A0000-memory.dmp

  • Size

    192KB

  • MD5

    d8d86b7742bd69a88b23071b9443e91a

  • SHA1

    c39a4d53351170984b05c59aa243b2f790c9dbd9

  • SHA256

    e94384e21167a8aa07234dc790207f850b93dd12d55d531eb2229eeba911bad3

  • SHA512

    392ae35f4e8ba1841bc8131ecde56af00aae730bc4a4a61def736a789ad2c0b42bcc14e78640b058daaafed0e5f680cd5c7cd7890225ff74ffa9a4a991013534

  • SSDEEP

    3072:dWmqQlNdSPCjoxN+4E7EOmVOH6mu8e8hz:MmR9jd4OmVOH6mu

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

matiz

C2

77.91.124.49:19073

Attributes
  • auth_value

    2d3267fe8e3910d278274f80e6a1cd2e

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1692-122-0x0000000000270000-0x00000000002A0000-memory.dmp
    .exe windows x86

