Overview

overview

10

Static

static

10

1308-97-0x...ry.exe

windows7-x64

1308-97-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1308-97-0x00000000004C0000-0x00000000004F0000-memory.dmp

  • Size

    192KB

  • MD5

    b16728747e4b6ac1e81366ecf2b06f9a

  • SHA1

    c148186dc943208b7c4c2caf03e2e36bb81f10bf

  • SHA256

    a5d0f35b57026267883f9e1d8b58f96438aa0553deae65c268c57cf0795120bd

  • SHA512

    5dea57cb762ce69a15ceaf56d4f97c5d53a9e0536ea15266ed32ff76e3018126bbe6730d248be85a3f4452f190510f2b57c15a6b69045aa2637424d410e00a52

  • SSDEEP

    3072:3tE62xyQ6d+VeXdxNLgVK880EHj8e8hK:dEmOA9S80EHj

Score
10/10
andreredline

Malware Config

Extracted

Family

redline

Botnet

andre

C2

77.91.124.49:19073

Attributes
  • auth_value

    8e5522dc6bdb7e288797bc46c2687b12

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1308-97-0x00000000004C0000-0x00000000004F0000-memory.dmp
    .exe windows x86


    Headers

    Sections