General

  • Target

    2008-122-0x0000000000250000-0x0000000000280000-memory.dmp

  • Size

    192KB

  • MD5

    96eea9350b2c2f2398510a8eaa5c5168

  • SHA1

    871a77d8b26047dd96d46dd3ef89dd6d96b51ede

  • SHA256

    1405f9066fc5f0900b8d7c0baf607496ddbfa7cda74a05ebbe69958a5c7c78c3

  • SHA512

    2fce06a62204314f1d4acf0fd6bf5f6627b2a390617f46aad1ee0bce36d82ba483aaff0b6b764a8d7b9a992163a9d344049fdccb1b38183d09a54667dab485fb

  • SSDEEP

    3072:IAF5KBstbkeNKZIhDDxNcaoMczCOM8e8hL:9Xb33hDYjyOM

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

jako

C2

77.91.124.49:19073

Attributes
  • auth_value

    3db90f2679ab2890874898c7c6d65799

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2008-122-0x0000000000250000-0x0000000000280000-memory.dmp
    .exe windows x86

