General

  • Target

    1380-122-0x0000000000490000-0x00000000004C0000-memory.dmp

  • Size

    192KB

  • MD5

    bcad5d67a8f20943b649374fd743b50b

  • SHA1

    d50ce3af1bad3d14d22c50aecbd48ca5e9e776eb

  • SHA256

    a977715e42330d5d965d250f0539666ca5cd96429c026c381b61022ce6169eec

  • SHA512

    3de42c6ea278482047744e14a853c3076183368e529f2be4998b46aff763b24e5b0e5aae415b417792adaf612b9a541bcb15c1de09135b965416b1f75a72628e

  • SSDEEP

    3072:yAF5KBstbkeNKZIhDDxNcaoMczCOo8e8hL:DXb33hDYjyOo

Score
10/10

Malware Config

Extracted

  • Family

    redline

  • Botnet

    jako

  • C2

    77.91.124.49:19073

  • Attributes

    auth_value: 3db90f2679ab2890874898c7c6d65799

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1380-122-0x0000000000490000-0x00000000004C0000-memory.dmp
    .exe windows x86

