General

  • Target

    1500-122-0x00000000004C0000-0x00000000004F0000-memory.dmp

  • Size

    192KB

  • MD5

    8bc8a884d0ced8152480745106f89068

  • SHA1

    2b57bf090f8a976d5a7ac63e277cf0aaf072506e

  • SHA256

    8cb563334b23534f630bd56b83fb91a5a7d0edaf1005f39fe57063354e2834ef

  • SHA512

    1ae12a3435369b326a62cc4bc3aa1a7061cf57cb23916e2595b8811fb26807b4d09324e5f70a35f274e214b0e1a6eb46512d6813a914c654d1cec0cd065c6f19

  • SSDEEP

    3072:UAF5KBstbkeNKZIhDDxNcaoMczCOv8e8hL:xXb33hDYjyOv

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

jako

C2

77.91.124.49:19073

Attributes
  • auth_value

    3db90f2679ab2890874898c7c6d65799

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1500-122-0x00000000004C0000-0x00000000004F0000-memory.dmp
    .exe windows x86