General

  • Target

    1396-1-0x0000000000220000-0x0000000000250000-memory.dmp

  • Size

    192KB

  • MD5

    cf839255cf4884411df8de9015ad91fc

  • SHA1

    de8e3522168545f050b482f032127c2448fb031d

  • SHA256

    8a46e1569b720ff921672e356b484d5d700abdfc0e630b4e0001a6201ddc0898

  • SHA512

    09a89a7aaceb0f0f68dc44b4f74e0d803d571288c263716fcc81a484ad1f1b24bc9038f183c65ab5bfcbe1d9420fdf7273097c98024524eeb769e4e1ab488486

  • SSDEEP

    3072:2kh2yqg5JI0SE9BbOXtgwXRPulE0qd3nJNgJK8e8hM:2kh2YJI0SE9BplE0g5Ngs

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

trafico

C2

176.123.9.142:14845

Attributes
  • auth_value

    ae8f72bc34fc0c248b3abb9f51375751

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1396-1-0x0000000000220000-0x0000000000250000-memory.dmp
    .exe windows x86

