General

  • Target

    2528-122-0x00000000002D0000-0x0000000000300000-memory.dmp

  • Size

    192KB

  • MD5

    d5e3fca15ae16c9af233e45dd59f90a2

  • SHA1

    f72fdb2faf00b4d49feab485c8abac1ddb28d715

  • SHA256

    4c0080b623f7b9882d0385706d3aa27af5fcfacb89bf8da8e2315a2d568e98f9

  • SHA512

    aeaf63b5e482790f2f6f3546bb4cee0de27f8a229cd33658c9ea358a90b07ba69f4ab387dd842dad8cd31d6ccc1334628b204b52fc690b08ee2305f33d014db1

  • SSDEEP

    1536:4lBA36sv0W7T1sjvrHzbNSISuiiB0J57TNyQGxNXLYQLrbuLh8yrEHVF+0GkRq8U:4rqCnNsZWSZ5GxN8yi8yIHVF+J8e8hO

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

masha

C2

77.91.68.48:19071

Attributes
  • auth_value

    55b9b39a0dae383196a4b8d79e5bb805

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2528-122-0x00000000002D0000-0x0000000000300000-memory.dmp
    .exe windows x86

