General

  • Target

    4452-562-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    0b9790cf5b93a41d9da84f23b280cae8

  • SHA1

    da2ac0b68c8973d4a6b1297b523572c9f93b63ac

  • SHA256

    1f79f6506471d6667c66ffdd215b4de75b219e4467bf2a9f792d8f16d9e7edb0

  • SHA512

    b41e1001fb9b62e14933e4a9535c3499ac015003e338bcfe4c87c8fd4935ba427e706a34026b9b278189423fb3c92e3e98611b1154f5363afa7b08a0ff3e14b1

  • SSDEEP

    3072:IsYxMPhI0r9QBzOBWkp9nu7E0qXgz67aoJ98e8hY:IsFhI0r9QBsu7E02r7aob

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

trush

C2

77.91.124.82:19071

Attributes
  • auth_value

    c13814867cde8193679cd0cad2d774be

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4452-562-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86

