General

  • Target

    4468-1-0x0000000000550000-0x0000000000580000-memory.dmp

  • Size

    192KB

  • MD5

    f51ed7228f8e31d42427c0eb8fe1b010

  • SHA1

    48e7c2e036c929d41852b5d49648876bd4ce696e

  • SHA256

    7702481202ac68e73368494a03e54b725d131fc3055a88b6a68d91689d422282

  • SHA512

    651f8cb49846667c95ca21ad16dc19709730014e6e090bed5911bbc6a6041b39ba108b2d2148a04b3f24e08cefd73375c0b90c38c4d5b6b48a8f301a8d4a9616

  • SSDEEP

    3072:1Q/z+USkqVNxEI0EqRVtO6a23kqTEWIoE0WgoKtmGgJC8e8hb:1Q/z+L9rEI0EqRVfIoE0JtmGgY

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@hrunhru

C2

94.142.138.4:80

Attributes
  • auth_value

    7a9d2d64765373ccb5f93476ec4a6b05

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4468-1-0x0000000000550000-0x0000000000580000-memory.dmp
    .exe windows:4 windows x86

