General

  • Target

    1552-122-0x00000000002B0000-0x00000000002E0000-memory.dmp

  • Size

    192KB

  • MD5

    4a880cf145838b11ea2393d7348c06e7

  • SHA1

    6450c05fbe5c6aa7075e0e1e08700b9d08a86735

  • SHA256

    9a51333d2fc47e448a48b062492803e18c89a0a1810f01b3020f574c78708942

  • SHA512

    347bbeb4ceac92825d5fd6a13f630a4dda521e5777c1e47f877214a6e0c6a637767b2828f74f15d2ece70126deae733c176c6170bd3431ef4b61b870b26d2fd6

  • SSDEEP

    3072:IEV5bSQxA6IldyYxN3KVaxLzzUY472e8e8h9:IEFAlW8TLzzUY472e

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

novak

C2

77.91.124.49:19073

Attributes
  • auth_value

    31966dcd1c6ca86e6e8b0a259f9d8ffd

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1552-122-0x00000000002B0000-0x00000000002E0000-memory.dmp
    .exe windows x86
