General

  • Target

    4988-1-0x0000000000670000-0x00000000006A0000-memory.dmp

  • Size

    192KB

  • MD5

    d28a416b7350de58c0776c0970fe3f26

  • SHA1

    c4b44eadc56b0f46b245c1178b06983857bdc018

  • SHA256

    e0ad4efc6cdd784153e5c233aa0dab1074d0347ab18d034bf8718b052761c36e

  • SHA512

    731e9271f8a03a54a38c9e60830cfbc8491d1c4d5b4e6398eb67ef754b12325241d4aeaded9d882b319bc7f0d7f390cf973fb168f7724e8d3e1242582238949c

  • SSDEEP

    3072:JhuxEBJaVoI0ONwSvO2uyd7wDX2ZLE0eL2T+0JF8e8hV:qxDoI0ONwSlwDX2ZLE0V+0H

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@oleh_ps

C2

176.123.4.46:33783

Attributes
  • auth_value

    94ecdfa2eb126d66ce500353b2fa9112

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4988-1-0x0000000000670000-0x00000000006A0000-memory.dmp
    .exe windows:4 windows x86

