General

  • Target

    1640-116-0x0000000000280000-0x00000000002B0000-memory.dmp

  • Size

    192KB

  • MD5

    93fa9c208d96fac1535020d761ff3d54

  • SHA1

    db6a05cc2a84177bdaf9bc248c1a62538fb67b2a

  • SHA256

    6106ad013ee9a1fece8ed8180e250b91f481cb9c4e8c022e1392de2e36f34c01

  • SHA512

    303afc1878f0961985523da837061a3747f1dd413aaeaba67ccdefccf5e04d652f752701e80406f5ba98ce5e030e1b811313797174f13332d660903755acd7f4

  • SSDEEP

    1536:elBA36sv0W7T1sjvrHzbNSISuiiB0J57TNyQGxNXLYQLrbuLh8yrEHVF+0GkRh8U:erqCnNsZWSZ5GxN8yi8yIHVF+y8e8hO

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

masha

C2

77.91.68.48:19071

Attributes
  • auth_value

    55b9b39a0dae383196a4b8d79e5bb805

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1640-116-0x0000000000280000-0x00000000002B0000-memory.dmp
    .exe windows x86

