General

  • Target

    1848-29-0x00000000001C0000-0x00000000001F0000-memory.dmp

  • Size

    192KB

  • MD5

    4d629c27b7c2147ff0da99e8e584934f

  • SHA1

    43e35f325a50b79f3b0dd289c481b1887a736d15

  • SHA256

    e2429e66057e16ef1a63c82bb70f8b54f67fd9548d2af6217cff74af5fe9eb39

  • SHA512

    5e9db76122653dcf43353fefbf0e535be6b0f6dce9dcb1cf9d7399b87ac60672504036d44a97af6548044e6c798518bf5464d2325a03e25d98dac8aa09c83973

  • SSDEEP

    3072:8wVwJp8A/xdimI06X7vV6OPEsUc/W0E0ilHPgM1JA8e8h3:8QzAmmI0k7vVe0E0YIM1e

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

lux3

C2

176.123.9.142:14845

Attributes
  • auth_value

    e94dff9a76da90d6b000642c4a52574b
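
The config above gives a single hard indicator worth operationalising: the C2 socket 176.123.9.142:14845. The following is an added example (not part of the sandbox report) that matches that socket against constructed connection-log lines and emits a Suricata rule for it; the log format, the sample lines and the sid are assumptions. The destination is compared as a full string so that a prefix such as 176.123.9.1 does not match, and the port can be relaxed because RedLine operators rotate ports on the same host far more often than they rotate hosts.

```python
import re
from typing import List, Tuple

# Indicators copied from the extracted RedLine config in the report.
C2_HOST = "176.123.9.142"
C2_PORT = 14845
BOTNET = "lux3"

# Constructed firewall/proxy log lines (not real traffic), format assumed:
# "<timestamp> <src_ip> <dst_ip>:<dst_port> <action>"
SAMPLE_CONN_LOG = """\
2024-01-01T10:00:01Z 10.0.0.5 142.250.72.14:443 allow
2024-01-01T10:00:07Z 10.0.0.8 176.123.9.142:14845 allow
2024-01-01T10:00:09Z 10.0.0.8 176.123.9.142:443 allow
2024-01-01T10:01:22Z 10.0.0.9 176.123.9.1:14845 deny
this line is malformed and must be skipped
"""

CONN_RE = re.compile(
    r"^(\S+)\s+(\S+)\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d+)\s+(\S+)$"
)


def find_c2_connections(log_text: str, host: str = C2_HOST, port: int = C2_PORT,
                        any_port: bool = False) -> List[Tuple[str, str, str, str]]:
    """Return (timestamp, src, dst:port, action) for every line whose destination
    is the C2 host. With any_port=True the port is ignored, which catches the
    same host on a rotated port at the cost of possible false positives."""
    hits = []
    for line in log_text.splitlines():
        m = CONN_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the whole scan
        ts, src, dst, dport, action = m.groups()
        # Exact string compare: "176.123.9.1" must not match "176.123.9.142".
        if dst == host and (any_port or int(dport) == port):
            hits.append((ts, src, f"{dst}:{dport}", action))
    return hits


def suricata_rule(host: str = C2_HOST, port: int = C2_PORT, botnet: str = BOTNET,
                  sid: int = 1000001) -> str:
    """Build a Suricata/Snort-style rule for the outbound C2 connection.
    The sid is an assumption; pick one from your local private range."""
    return (
        f"alert tcp $HOME_NET any -> {host} {port} "
        f'(msg:"RedLine Stealer C2 ({botnet}) outbound"; flow:to_server; '
        f"classtype:trojan-activity; sid:{sid}; rev:1;)"
    )


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_CONN_LOG):
        print("C2 hit:", hit)
    print(suricata_rule())
```

In the constructed log only the 10.0.0.8 connection on port 14845 matches with the default settings; enabling `any_port` also surfaces the second connection from the same host to port 443, which is the kind of follow-up traffic worth reviewing once a host is known to have talked to the C2.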

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for a missing Authenticode signature. Note that the artefact scored here is a process memory dump: the certificate table of a signed image lives in the file overlay outside any section and is not mapped into memory, so a dumped image will normally test as unsigned regardless of whether the file on disk was signed. Treat this signature as weak evidence on memory dumps and check the original executable instead.
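
What the "Unsigned PE" check actually inspects is the fifth data directory of the optional header, IMAGE_DIRECTORY_ENTRY_SECURITY, whose VirtualAddress field is (unusually) a raw file offset to a WIN_CERTIFICATE structure. The following is an added example (not the sandbox's own signature logic) that parses that entry with nothing but `struct` and distinguishes three cases: no certificate table, a table that is present, and a table that is referenced but missing from the bytes, which is what a memory dump of a signed image looks like. The minimal PE built by `make_pe()` is constructed test input, and the certificate body it embeds is a placeholder, not real PKCS#7.

```python
import struct
from typing import Optional, Tuple

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def security_directory(pe: bytes) -> Optional[Tuple[int, int]]:
    """Return (file_offset, size) of the certificate table, or None if the
    data directory entry is absent or zero (the image carries no signature)."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4           # IMAGE_FILE_HEADER, 20 bytes
    opt = coff + 20               # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == 0x10B:            # PE32: data directories start at +96
        dir_base = opt + 96
    elif magic == 0x20B:          # PE32+: data directories start at +112
        dir_base = opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    num_dirs = struct.unpack_from("<I", pe, dir_base - 4)[0]  # NumberOfRvaAndSizes
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return None
    off, size = struct.unpack_from(
        "<II", pe, dir_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    return (off, size) if off and size else None


def classify_signature(pe: bytes) -> str:
    """'unsigned', 'signed', or 'referenced-but-absent' (header points at a
    certificate table that is not in the bytes, typical of a memory dump)."""
    entry = security_directory(pe)
    if entry is None:
        return "unsigned"
    off, size = entry
    if size < 8 or off + size > len(pe):
        return "referenced-but-absent"
    _length, _revision, cert_type = struct.unpack_from("<IHH", pe, off)  # WIN_CERTIFICATE
    if cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA:
        return "signed"
    return f"unknown-certificate-type-{cert_type:#06x}"


def make_pe(cert_blob: Optional[bytes], detach: bool = False) -> bytes:
    """Constructed minimal PE32 image with no sections. With cert_blob set, the
    security directory points at a WIN_CERTIFICATE appended after the headers;
    detach=True keeps the pointer but drops the table, mimicking a memory dump."""
    headers_len = 64 + 4 + 20 + 224
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                      # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                         # NumberOfRvaAndSizes
    win_cert = b""
    if cert_blob is not None:
        body = struct.pack("<IHH", 8 + len(cert_blob), 0x0200,
                           WIN_CERT_TYPE_PKCS_SIGNED_DATA) + cert_blob
        win_cert = body + b"\0" * (-len(body) % 8)              # 8-byte aligned
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         headers_len, len(win_cert))
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt)
    return image if detach else image + win_cert


if __name__ == "__main__":
    print(classify_signature(make_pe(None)))
    print(classify_signature(make_pe(b"\x30\x82\x00\x00")))
    print(classify_signature(make_pe(b"\x30\x82\x00\x00", detach=True)))
```

Presence of the table only says the file claims a signature; validating it (hash of the image with the checksum and security directory excluded, chain to a trusted root) is a separate step. The useful operational point is the third case: a dump that reports "unsigned" because the table was never mapped should not be read as evidence about the file that was dropped on disk.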

Files

  • 1848-29-0x00000000001C0000-0x00000000001F0000-memory.dmp
    .exe windows x86