General

  • Target

    492-216-0x0000000000520000-0x0000000000550000-memory.dmp

  • Size

    192KB

  • MD5

    9d5d4fd70f80aaebbed017a6849259f8

  • SHA1

    2fa5e839ed8e8e2a8659327a82667a9ba4a55865

  • SHA256

    1c7623cbe7da70e676def0cf654af59d60ef0bb354308a142aa8831c0ec21ee1

  • SHA512

    0aa2cc393b9cce57e4b93249e6b190a5282ec0185714912a10fc9cf28b461d62599934783b152994839dbcf714ca6eb22f6a8c7543c8526d1543557678415f45

  • SSDEEP

    3072:nUrwt3n8OOIK4QMQxNv+OlzkTRwl8e8hY:nUr0BkTkTRwl

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

charli

C2

194.87.216.85:48239

Attributes
  • auth_value

    5d66099ba060815d5a2fd44e6e6f01be

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 492-216-0x0000000000520000-0x0000000000550000-memory.dmp
    .exe windows x86

