Overview

overview

10

Static

static

10

1592-54-0x...ry.exe

windows7-x64

1592-54-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1592-54-0x0000000000450000-0x0000000000480000-memory.dmp

  • Size

    192KB

  • MD5

    f391bddb654ca4722d2cd6a2237d4a62

  • SHA1

    6b8c6aa58a9b4ecbe9258e88c4cec24a368f3698

  • SHA256

    cb92e96b9fa59d178f6769ec1a5aeb6f434ba149d731c7c144ef51d85a841c65

  • SHA512

    bd0b661508674ee1191d88274801c881d2958692a44ba0ac8ab666c60108d4c604460b90d0469c40fea1885be578dc347b432739795afe1563b677564b5d5964

  • SSDEEP

    3072:DAWi/g1IzuRb5xNAKY73zOyuj++0v8e8hk:Dzi/+VCHuyuj++0v

Score
10/10
nowaredline

Malware Config

Extracted

Family

redline

Botnet

nowa

C2

77.91.124.49:19073

Attributes
  • auth_value

    6bc6b0617aa32bcd971aef4a2cf49647

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1592-54-0x0000000000450000-0x0000000000480000-memory.dmp
    .exe windows x86


    Headers

    Sections