Overview

overview

10

Static

static

10

988-97-0x0...ry.exe

windows7-x64

988-97-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    988-97-0x00000000001E0000-0x0000000000210000-memory.dmp

  • Size

    192KB

  • MD5

    27b0fcc8e9ff2b1fe671e99cd8471e68

  • SHA1

    8a12378f3778dc9b93c7f73af64a3e7f6a4bca1c

  • SHA256

    0491d7d7af33f920964e59700231afcb82eb3519b90942cc960963336f9b0157

  • SHA512

    2f190bf86f8c68cf32343d5866b4161243307ecefcf0864e3e52b688c4ffa601fc82feef1990e3c8f34bf5110715a5f930a4d9a0a9aa4f0d7d5b71c6a075214a

  • SSDEEP

    3072:RAWi/g1IzuRb5xNAKY73zOyuj++068e8hk:Rzi/+VCHuyuj++06

Score
10/10
nowaredline

Malware Config

Extracted

Family

redline

Botnet

nowa

C2

77.91.124.49:19073

Attributes
  • auth_value

    6bc6b0617aa32bcd971aef4a2cf49647

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 988-97-0x00000000001E0000-0x0000000000210000-memory.dmp
    .exe windows x86


    Headers

    Sections