General

  • Target

    1144-118-0x00000000002A0000-0x00000000002D0000-memory.dmp

  • Size

    192KB

  • MD5

    6cc8d22b586ff9178ed5995f13b9618e

  • SHA1

    f88234d17692d134f16cfd6794e9b50a2775493a

  • SHA256

    560e12bde32c2e6911d17b1b14c34ee4a9346b73d6f1e1ae485984cb99dd6db5

  • SHA512

    47ea835f56a091b69495ca466e0251808eec1910af37f0df8d22641f40afa2024cdddb3bc725034cea7b9b59517bdbd09ca0d10e4f46c976ba4d116a2bf17944

  • SSDEEP

    1536:elBA36sv0W7T1sjvrHzbNSISuiiB0J57TNyQGxNXLYQLrbuLh8yrEHVF+0GkRb8U:erqCnNsZWSZ5GxN8yi8yIHVF+E8e8hO

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

masha

C2

77.91.68.48:19071

Attributes
  • auth_value

    55b9b39a0dae383196a4b8d79e5bb805

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1144-118-0x00000000002A0000-0x00000000002D0000-memory.dmp
    .exe windows x86

