General

  • Target

    1112-61-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    f42e108acc7f7215f8e52eb7bfa96d6e

  • SHA1

    aa6985bbbfbb71b5afcd570edd2eeace9b231ac6

  • SHA256

    7f6a80267cdab96d675279620b318299fafb737a9e5620d4bbd8c11c51b89ddb

  • SHA512

    d83e54c116102d95384eb51ac5a71a7d3e730d0dc21bc97a70a9dcd16c4ce38a2376dc7a2248851f19bdf7f460d781bc027caa25a5bbaca1146371a4f4c6f865

  • SSDEEP

    3072:DzW2njxkszI0gZW2+OeJaNKdibXiMiA5E0+C/QbYLwwJj8e8h9:D3nlzI0gZW2Y0XlB5E02bYLww1

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

300823_RC

C2

rc30.tuktuk.ug:11290

Attributes
  • auth_value

    c610bafa9db7a687139add1962c54924

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1112-61-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86

