Overview

overview

10

Static

static

10

528-113-0x...ry.exe

windows7-x64

528-113-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    528-113-0x0000000000450000-0x0000000000480000-memory.dmp

  • Size

    192KB

  • MD5

    8c14249f4b5c796e80052d01a685d68a

  • SHA1

    bf6f071b2061cdd9d6477042011e6e4b8a9cd12f

  • SHA256

    8f0a1827a78f472d93592677d3829d9fe32bfb1c8c64ae64f5810dad06b07c5a

  • SHA512

    0af5f20dd4ff8802f79755b7f0d939f45561c259db22f94f0560366a01e4152cd912d54dd80c621cff11c08b48ec49d5ca5f7cadb08b19bd178a938282e954ec

  • SSDEEP

    3072:VnOrlpyS3xp5xN1yJ/4BMzxUdE/X8e8h+:VOf7flBMzxUdE/X

Score
10/10
narkoredline

Malware Config

Extracted

Family

redline

Botnet

narko

C2

83.97.73.134:19071

Attributes
  • auth_value

    a9d8c6db81c7e486f5832bc2ee48cb84

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 528-113-0x0000000000450000-0x0000000000480000-memory.dmp
    .exe windows x86


    Headers

    Sections