General

  • Target

    2312-971-0x0000000000780000-0x0000000001094000-memory.dmp

  • Size

    1.8MB

  • MD5

    71834b3481a0b83b984d738d5e18e6a8

  • SHA1

    acb189c7b791dcf9536bdd480b3c73dda315a7b8

  • SHA256

    7b3b04103395bb5fcfc7f47e52ba595228fc0fea820e83b9bc596b3b5773f2a8

  • SHA512

    7458c29700e08cdc919caac585450313d948ca79d4f67ef2cf530c828d38ba267873c31fe6f8af2746f631c719ebca24e536ec95919c3a67bf4731fe9a4fbdde

  • SSDEEP

    24576:btsJ4KKB2jKloBSOxaWTesw3H/XAPBulGXdmLoevWYbgB8E416uz:pu4KKg+pOxZxPBEn3WdOE4gm

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

24k

C2

91.92.245.15:80

Signatures

  • Redline family
  • Themida packer (1 IoC)

    Detects Themida, an advanced Windows software protection system.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2312-971-0x0000000000780000-0x0000000001094000-memory.dmp
    Type: .exe, windows:4, windows, x86, arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744