General

  • Target

    2160-2-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    a7bbb64bb595b1750a83382ba5aca992

  • SHA1

    f7f7d327d9552c9bd2eb9b9f0e9c680244c770e4

  • SHA256

    73ba5172e7884185c59059f0bd36c68eae293ba0f31c5e77eb058271d40e9fc0

  • SHA512

    aab07027abb20664a706f48b4aca265121f1d5b54cf94832bce4a6ddaf2d61c6b2a38f3d07fde8352ce4b9e905598dd85a846306c04882b3745e7df689443fff

  • SSDEEP

    3072:QNpQCFxusvw36I0aa8BPOe7uiGe3E0upPl0FJ:QHQYxuH6I0aa8Bee3E0s0F

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@nomadmaker

C2

94.142.138.4:80

Attributes
  • auth_value

    22574d786aa3ef72456952a316e97568

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2160-2-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows:4 windows x86

