General

  • Target

    1844-122-0x00000000002A0000-0x00000000002D0000-memory.dmp

  • Size

    192KB

  • MD5

    56f6fc11ab51f134fd247e166a0e3e23

  • SHA1

    b5ee60f8ce5c08d3271957c0b8ff292a871eccb7

  • SHA256

    36c4408c3af212abb6aad818c58bff97625d2e5dba1f28bd138838f19394d499

  • SHA512

    8562adb4dc87f968cf75f782fbb803113f8135295e4926141a80e7b1054d96c9d40380c7bdd45810713cbe72c62502cd97e7f405a699d8c9cbfbe8cfe3772004

  • SSDEEP

    3072:6EV5bSQxA6IldyYxN3KVaxLzzUY472R8e8h9:6EFAlW8TLzzUY472R

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

novak

C2

77.91.124.49:19073

Attributes

  • auth_value

    31966dcd1c6ca86e6e8b0a259f9d8ffd

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1844-122-0x00000000002A0000-0x00000000002D0000-memory.dmp
    .exe windows x86
