General

  • Target

    552-83-0x00000000002A0000-0x00000000002D0000-memory.dmp

  • Size

    192KB

  • MD5

    bb05be346e7d591deb0b2ea298f60bc2

  • SHA1

    582c56e85ec210a0f95eb342d3d6f8c04a8d0ef1

  • SHA256

    50afb88932273c570a02b3b27a8e652223dc074e2e28f21935e7b7a19ec1ea9f

  • SHA512

    139498fc106896f4541bd6f95b7ddfbaec2d7c5a6e6c51c848ae26acb992d30b012c38115d99acf986dcbf062e717a91d5a73382d34b7210353294fbcd0f5a1a

  • SSDEEP

    1536:rhbEey6y36sv0W7TDGOIrHuyk7xk2W5/uGxNFVYQffbuclGHQ4N0GkR18e8h3:rlEebE6Cyk9i5/uGxNMS3azNK8e8h3

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

bruno

C2

83.97.73.134:19071

Attributes
  • auth_value

    b23e240c277e85ce9d49d6165c0a2b48

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 552-83-0x00000000002A0000-0x00000000002D0000-memory.dmp
    .exe windows x86

