General

  • Target

    2000-122-0x00000000002E0000-0x0000000000310000-memory.dmp

  • Size

    192KB

  • MD5

    c73d99db25edae67a3086502648a3a30

  • SHA1

    3652a227f121c571f7ab0ccc47fbac7cf1c4250b

  • SHA256

    69a3f870570c75ebf8c9740a64eda3efea5103d18590e1ad2d7f09f6c401bb2a

  • SHA512

    6a9cee85aebf2986632edb52df7154f556a589b7de334ad0abf83d60ca0cc6d9e697ad058fa07e508fa38ae0ea3a9dcec3ae8d23581271209257b6b598253b69

  • SSDEEP

    3072:9AF5KBstbkeNKZIhDDxNcaoMczCO18e8hL:6Xb33hDYjyO1

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

jako

C2

77.91.124.49:19073

Attributes
  • auth_value

    3db90f2679ab2890874898c7c6d65799

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2000-122-0x00000000002E0000-0x0000000000310000-memory.dmp
    .exe windows x86

