General

  • Target

    1196-54-0x0000000000270000-0x00000000002A0000-memory.dmp

  • Size

    192KB

  • MD5

    3e48bdbfd3a1431124c8f6084e82c589

  • SHA1

    cd6daa733bf4b3efb10f99097b0045ea2ee8bdc5

  • SHA256

    89b3712fb125560830163759e8bf5b7af95ffcfba85eb5ce0b1939b70db54204

  • SHA512

    b9c3e23b35335931ed3e7088795035d5b6562d43f4be21434e679886ba7dddb6d51f272eef9de6609d9286f0e88199ff9924cf4272e36a1e8dcdead577bda5a9

  • SSDEEP

    3072:XAWi/g1IzuRb5xNAKY73zOyuj++0V8e8hk:Xzi/+VCHuyuj++0V

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

nowa

C2

77.91.124.49:19073

Attributes
  • auth_value

    6bc6b0617aa32bcd971aef4a2cf49647

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1196-54-0x0000000000270000-0x00000000002A0000-memory.dmp
    .exe windows x86

