General

  • Target

    4332-41-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    f92cebc84f5b43199635abcd8dcd39a8

  • SHA1

    24be333a5f57a7f43093ed4412397ded595a679e

  • SHA256

    153c351893497612d85c846abb251544cc20ffac34a4002aba79bcee49b2d32a

  • SHA512

    1154cc64f29777e6314fa7f7373b57d8a458e9ecc231a7a929d6335e2935ba53dfb85725dc6b4b666cab9b5ff7060c9258bee3570f01d6773e429c3344c75cc1

  • SSDEEP

    3072:UZWQ5kL5II0DQz7kSpWOkws6fxPNI4E0GROfavJA8e8h2:WWQaII0C7kSpLP+4E0zavm

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

nanya

C2

77.91.124.82:19071

Attributes
  • auth_value

    640aa5afe54f566d8795f0dc723f8b52
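The values in the extracted config are the indicators a responder pivots on. As an added example (not part of the sandbox report and not code from the sample), the Python below checks that the address range in the dump name agrees with the reported 192KB, validates the C2 literal, and scans a constructed stand-in for the dump for the indicators as both ASCII and UTF-16LE; RedLine is a .NET stealer and .NET string literals sit in memory as UTF-16LE, so an ASCII-only grep over a dump misses them. The sample bytes and the function names are assumptions of this example.

```python
import ipaddress
import re

# Indicators taken from the extracted config above.
C2 = "77.91.124.82:19071"
BOTNET = "nanya"
AUTH_VALUE = "640aa5afe54f566d8795f0dc723f8b52"

# Trailing part of a sandbox dump name: "...-0x<start>-0x<end>-memory.dmp"
_DUMP_RANGE = re.compile(r"-0x([0-9a-fA-F]+)-0x([0-9a-fA-F]+)-memory\.dmp$")


def region_size_kib(dump_name: str) -> int:
    """Size in KiB of the address range encoded in the dump file name."""
    m = _DUMP_RANGE.search(dump_name)
    if m is None:
        raise ValueError(f"unrecognised dump name: {dump_name}")
    start, end = int(m.group(1), 16), int(m.group(2), 16)
    if end <= start:
        raise ValueError("dump range end is not after start")
    return (end - start) // 1024


def parse_c2(c2: str) -> tuple:
    """Split 'ip:port', rejecting anything that is not a literal IP and a valid port."""
    host, _, port = c2.rpartition(":")
    ipaddress.ip_address(host)          # raises ValueError on hostnames / garbage
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    return host, port


def find_indicators(data: bytes, indicators) -> dict:
    """Offsets of each indicator in data, searched as ASCII and as UTF-16LE.

    .NET string literals (RedLine is a .NET stealer) live in memory as UTF-16LE,
    so an ASCII-only search over a dump misses them.
    """
    hits = {}
    for ind in indicators:
        found = []
        for enc in ("ascii", "utf-16-le"):
            needle = ind.encode(enc)
            off = data.find(needle)
            while off != -1:
                found.append((enc, off))
                off = data.find(needle, off + 1)
        hits[ind] = found
    return hits


# Constructed stand-in for the dump: an MZ stub followed by the config strings
# laid out as a .NET image would hold them. Not bytes from the real sample.
SAMPLE_DUMP = (
    b"MZ" + b"\x00" * 62
    + BOTNET.encode("utf-16-le") + b"\x00\x00"
    + C2.encode("utf-16-le") + b"\x00\x00"
    + AUTH_VALUE.encode("ascii") + b"\x00"
)


def triage(dump_name: str, data: bytes) -> dict:
    """Bundle the checks into one record a responder can diff against the report."""
    host, port = parse_c2(C2)
    return {
        "region_kib": region_size_kib(dump_name),
        "c2_host": host,
        "c2_port": port,
        "hits": find_indicators(data, [C2, BOTNET, AUTH_VALUE]),
    }


if __name__ == "__main__":
    import pprint
    pprint.pprint(triage("4332-41-0x0000000000400000-0x0000000000430000-memory.dmp", SAMPLE_DUMP))
```

Run against the real dump, `find_indicators` is the quick confirmation that the C2 and botnet name the sandbox extracted are really present in the image rather than inferred; the 0x400000-0x430000 range works out to 0x30000 bytes, which is the 192KB the report lists.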

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature. Note that the target here is a memory dump of the mapped image, and the Attribute Certificate Table is never mapped into a process (the Security data directory holds a file offset, not an RVA), so a dumped image reports as unsigned whether or not the file on disk carried a signature; this hit adds little on its own.
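What the "Unsigned PE" check amounts to, as an added example (this is not the sandbox's own detector): walk the DOS and COFF headers to the optional header, read the Security data directory (index 4), and treat an empty entry as no Authenticode. The minimal PE32 header is constructed to exercise the check and is not the sample; function names are assumptions of this example.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # index of the Attribute Certificate Table directory


def authenticode_directory(pe: bytes) -> tuple:
    """Return (offset, size) of the Security data directory of a PE image.

    Unlike the other directories, this entry holds a *file* offset, not an RVA:
    the certificate table is never mapped into the process, so a memory dump
    cannot carry a verifiable signature even if the file on disk does.
    """
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("PE signature not found")
    opt = e_lfanew + 4 + 20                        # skip signature and COFF file header
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == 0x10B:                             # PE32
        nrva_off, dd_off = opt + 92, opt + 96
    elif magic == 0x20B:                           # PE32+
        nrva_off, dd_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic 0x{magic:x}")
    if struct.unpack_from("<I", pe, nrva_off)[0] <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return 0, 0                                # directory table too short to hold it
    return struct.unpack_from("<II", pe, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)


def is_signed(pe: bytes) -> bool:
    """The 'Unsigned PE' test: an absent or zero-length Security directory means no Authenticode."""
    off, size = authenticode_directory(pe)
    return off != 0 and size != 0


def build_minimal_pe32(sec_off: int = 0, sec_size: int = 0) -> bytes:
    """Constructed minimal PE32 header (no sections) for exercising the check; not the sample."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine=i386, no sections, timestamp/symbols zero, SizeOfOptionalHeader=224,
    # Characteristics=EXECUTABLE_IMAGE|32BIT_MACHINE
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)          # PE32 magic
    struct.pack_into("<I", opt, 92, 16)            # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, sec_off, sec_size)
    return dos + b"PE\x00\x00" + coff + bytes(opt)


if __name__ == "__main__":
    print("unsigned:", is_signed(build_minimal_pe32()))
    print("signed  :", is_signed(build_minimal_pe32(0x3000, 0x1A40)))
```

A non-zero entry only says a certificate table is referenced; validating the PKCS#7 blob against the image hash and a trusted chain is a separate step that needs the file on disk, which is exactly what a memory dump like this target lacks.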

Files

  • 4332-41-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows:4 windows x86

