General

  • Target

    1964-122-0x00000000002C0000-0x00000000002F0000-memory.dmp

  • Size

    192KB

  • MD5

    fe6b8fe932d25e7748cfe1adfc1411f2

  • SHA1

    08f0841e6f38b80b03d16dd12278136899c60afd

  • SHA256

    fa586d5d032f12b62a3f6335f032de3c27940553ae62ecd89f0b52406d0fc049

  • SHA512

    27943d1e39bbace8fe44a9a6a8450308c801f1773f1a84e0660b1a8c3748b06a5bb3263e395f22656ca586c12639d09ba19d1a78cd4a1d1b74fdd386d59ca558

  • SSDEEP

    3072:gAF5KBstbkeNKZIhDDxNcaoMczCOP8e8hL:1Xb33hDYjyOP

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

jako

C2

77.91.124.49:19073

Attributes
  • auth_value

    3db90f2679ab2890874898c7c6d65799

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1964-122-0x00000000002C0000-0x00000000002F0000-memory.dmp
    .exe windows x86

