General

  • Target: 1568-112-0x0000000000360000-0x0000000000390000-memory.dmp
  • Size: 192KB
  • MD5: 5f3f52af88258a5bd73593edc7b48a87
  • SHA1: 4db4ce03e8ca2ce621dea34ce8ee92e4c2a9d7f8
  • SHA256: 12587e1dc8d0ac03874a856d20fc1d89071703450f83e903267b976b264e7edf
  • SHA512: ae284814a61efdfc52971acefb23d8ece17dece27971c3e7d6cbc49429244f523afd23dfe415c5f6545155b700d0d397dcc20edb5996581104493fdb3cbdeead
  • SSDEEP: 3072:3EV5bSQxA6IldyYxN3KVaxLzzUY472l8e8h9:3EFAlW8TLzzUY472l

Score: 10/10

Malware Config

Extracted

  • Family: redline
  • Botnet: novak
  • C2: 77.91.124.49:19073
  • Attributes
      • auth_value: 31966dcd1c6ca86e6e8b0a259f9d8ffd

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • 1568-112-0x0000000000360000-0x0000000000390000-memory.dmp (.exe, windows, x86)
