General

  • Target

    2996-117-0x0000000000270000-0x00000000002A0000-memory.dmp

  • Size

    192KB

  • MD5

    984c9ccb58eabffccac564c3d6d4cf12

  • SHA1

    19f3b516d9b0e9076d0b19d97da464b8d3b8c07e

  • SHA256

    ebefcb8c814f3ed53fff29f64c4d96863043c7c0d85bed6249f2223db3b32226

  • SHA512

    931d6ad0ab0069f6cdf53b5e21505d10d005748bbcf9ae88ad6510118ad72406bd94eb0dcbd09e25428a990e72e596189e3f2cb44c8f46f3332562b6eb2c3841

  • SSDEEP

    1536:WsJdT36sv0W7T6IS+rHC1rRiX0WxJm6tVODxNuGYQj9buHxeBrKY0GkR78e8hq:WsDpxYtkX08tMDxNqUiKrKYU8e8hq

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

grom

C2

83.97.73.129:19071

Attributes
  • auth_value

    2193aac8692a5e1ec66d9db9fa25ee00

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2996-117-0x0000000000270000-0x00000000002A0000-memory.dmp
    .exe windows x86
