General

  • Target

    2948-4-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    d3284eacae44da634ec5095c25bab479

  • SHA1

    75fe972569ac9b7ee18afd2bb2b0d59ed154ccb9

  • SHA256

    2d8589af04ad3bf365382972265104a883572abdb8d0d1b73ec0138fde284ade

  • SHA512

    1790f1e0f4f7f612cf441b3be69da68537b37b522e65bd2117ddd4d968978364f0865391299dba90ecdad0787fd787da82eb98b34123275e51a38299c32d274e

  • SSDEEP

    3072:fksbm8x7I0k4SW6O6jC543if6GE0sjc4vjkJ:fksV7I0k4SWSGE0F2jk

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

unique285

C2

194.169.175.232:45451

Attributes
  • auth_value

    1ed06994a9a19d3729019cb69c1f61a6

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2948-4-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe, windows:4, windows x86