General

  • Target

    272-122-0x0000000000320000-0x0000000000350000-memory.dmp

  • Size

    192KB

  • MD5

    d9196dbd3152d7cd8c6915ad41cd0775

  • SHA1

    17cc1624e42f9155166809d166d60d94e5f29025

  • SHA256

    5f4472fbfc9fc8a91eb6ee769af1ec810315e44df61024f7b6915e2b4df3b3ae

  • SHA512

    078175f34a4da3a3cd51c276cbc1ae7304f923fdcf9ffe47ec9da712d9cfddc39bba5f9228fa1ac0df658f59cfe629987650c15f9acea31726822a7e8b635a46

  • SSDEEP

    3072:bEV5bSQxA6IldyYxN3KVaxLzzUY472p8e8h9:bEFAlW8TLzzUY472p

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

novak

C2

77.91.124.49:19073

Attributes
  • auth_value

    31966dcd1c6ca86e6e8b0a259f9d8ffd

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 272-122-0x0000000000320000-0x0000000000350000-memory.dmp
    .exe windows x86

