General

  • Target

    1200-2322-0x0000000001220000-0x0000000001252000-memory.dmp

  • Size

    200KB

  • MD5

    ff52b3ba954e9e77205f1fc79cc11726

  • SHA1

    9ff73c354d71b5094f5f91a0daafe8d2daf7513d

  • SHA256

    e613127d738ceea9493d04585df469ebbbcc0d982fac0e571f30ecd9f4a32cf3

  • SHA512

    7f41be46724e59cd672d85d728f03b2c4286dbd639f9b4eaaaafafce54e9b05a252080a6170ea56cb6f863760426f7d48bed03c2ac3b236cd0c632e3b53cd2c1

  • SSDEEP

    3072:NxqZWZRanU2n0rZaJKd4/eo5YYh8exNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jz:XqZgrZaIqwYh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

nord

C2

176.113.115.145:4125

Attributes
  • auth_value

    ebb7d38cdbd7c83cf6363ef3feb3a530

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1200-2322-0x0000000001220000-0x0000000001252000-memory.dmp
    .exe windows:4 windows x86 arch:x86

