General

  • Target

    2936-89-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    3506aab517526cb30ffca2f28c4a299a

  • SHA1

    b3c06c6cfffc8a9ac77da07ea80d10164f0421cb

  • SHA256

    776a41df13c0ac99d0ad289d821293aca9b8dd246e3c8490b1f3f6694d72a8ef

  • SHA512

    ef2fd1031c87c3e41919ab7d3ec2478de013ee9a2014857739952facc4ec9c1c327e9d343d586949b9696af43a56342df9767c700ee6bbfa9841a940ea101cc7

  • SSDEEP

    1536:AHKr8S836sv0W7TT3t2rHO6htYGpaeb0xNU4YQLrbuwMs2rsB0GkR:AHKrF+z36h6xeb0xNGacFrsB

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

120723_rc_11

C2

rcam.tuktuk.ug:11290

Attributes
  • auth_value

    3a7b4b38a7116be1f337083fb37de790

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2936-89-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86

