General

  • Target

    1232-97-0x00000000007B0000-0x00000000007E0000-memory.dmp

  • Size

    192KB

  • MD5

    bdf4d0ea1b0a601b448ff826030394b1

  • SHA1

    a6aa2c16d4c46bf3caa273ca4c6aff395534689f

  • SHA256

    de6846e99b85466dd088f014736dd5d0f30648087959d320b46445bc4dab23be

  • SHA512

    4d2a86d17f9c383f4fd285e60b7e18c368c3bd9b97a13d91482e64a9e86364b027fa86577533e691bc1a6293d6e52968db859e2335b2071704a91f3a92c0b07a

  • SSDEEP

    3072:nAWi/g1IzuRb5xNAKY73zOyuj++0R8e8hk:nzi/+VCHuyuj++0R

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

nowa

C2

77.91.124.49:19073

Attributes
  • auth_value

    6bc6b0617aa32bcd971aef4a2cf49647

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1232-97-0x00000000007B0000-0x00000000007E0000-memory.dmp
    .exe windows x86

