General

  • Target: 2876-131-0x0000000000480000-0x000000000050C000-memory.dmp
  • Size: 560KB
  • MD5: dbf1f7d2a13a8db6a8c171bd5c8e11d7
  • SHA1: 346368460cbc6a4f9a799bd99d4c14c243161a89
  • SHA256: 42b8f6e9a2de0a9e3c77860b00d924d88483622ad973120d31e629454b62a0ef
  • SHA512: 725705cd98430a5b6c194263bd5841a787cb226103515b289662e4910e037defee34ede6cf16baa1d0602a6cecd3da26d8f9796c04b15d68467333357f8fb938
  • SSDEEP: 12288:9H5JzWAuZfT3heQwWqNMH5UmrGAfdRdNYDCFceXwSYhC:9ZJSLZb3heQBq8rlvdNYDCFj8hC

Score: 10/10

Malware Config

Extracted

  • Family: redline
  • Botnet: masha
  • C2: 77.91.68.48:19071
  • Attributes
    • auth_value: 55b9b39a0dae383196a4b8d79e5bb805

Signatures

  • Redline family
  • Unsigned PE (1 IoC)
    Checks for missing Authenticode signature.

Files

  • 2876-131-0x0000000000480000-0x000000000050C000-memory.dmp
    .exe windows x86