General

  • Target

    528-112-0x0000000000250000-0x0000000000280000-memory.dmp

  • Size

    192KB

  • MD5

    27f1c79d23d7ec02512f240039f1afb6

  • SHA1

    d493c7d86d9e14ffb2810ff4b7cb0792e020e58e

  • SHA256

    60fa29dc982eb03fb45fc30942c2363e6ee057a91952275ca22be9d267e3f06b

  • SHA512

    1abf9e1d42296a3423244a2db0b9b26b0b78d4e6e04b21480155f59577eed7a55ff5ad3bd01812e00fc84553bff04c13359c4b9f232bd46603c66f274d8b938c

  • SSDEEP

    3072:AEV5bSQxA6IldyYxN3KVaxLzzUY47208e8h9:AEFAlW8TLzzUY4720

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

novak

C2

77.91.124.49:19073

Attributes
  • auth_value

    31966dcd1c6ca86e6e8b0a259f9d8ffd

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 528-112-0x0000000000250000-0x0000000000280000-memory.dmp
    .exe windows x86

