General

  • Target

    2592-116-0x00000000003A0000-0x00000000003D0000-memory.dmp

  • Size

    192KB

  • MD5

    8b041f8ef31dc77eeebd9e17fd7d2f60

  • SHA1

    d475c11a04aa730eff31969c4ee0e34032b30e07

  • SHA256

    43eb5e2fe17847aa61039907e58fe998ff1eeac835a0b6db9f0b1236d588a381

  • SHA512

    9464a50a0cb212fdf5265947a5a5161cb1902c387d382b1d603d047ec921db124af59c89b75a4460b5ec55e33d82f51fe2e4a226d47980a79337067ce2a3f33a

  • SSDEEP

    1536:olBA36sv0W7T1sjvrHzbNSISuiiB0J57TNyQGxNXLYQLrbuLh8yrEHVF+0GkRr8U:orqCnNsZWSZ5GxN8yi8yIHVF+U8e8hO

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

masha

C2

77.91.68.48:19071

Attributes
  • auth_value

    55b9b39a0dae383196a4b8d79e5bb805

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2592-116-0x00000000003A0000-0x00000000003D0000-memory.dmp
    .exe windows x86

