General

  • Target

    1936-239-0x0000000000400000-0x0000000000420000-memory.dmp

  • Size

    128KB

  • MD5

    c90cbcd837aeb43fcb28167acb711587

  • SHA1

    d0ef2650ea743bff4529e4d970cddf421d404c07

  • SHA256

    f02b348f4d6d250db71c7fad4a43095adcd7e4717a543f87e387f1393c18ed3b

  • SHA512

    f0dc474f402ba3e2b567c189a7b67f83780dc635c0145d194071f991db7971615e58ef6d0ddaae611ae8d6709b67d590edef3ed6e5db98fee4071d82d7d1df15

  • SSDEEP

    3072:TGhlBsCnVYzVIOOJ8g6WOAS5Coz+Lj8fdT1hfgoaSC:TGhNfn6WTRo1hfgvS

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

bernard03

C2

141.95.211.151:34846

Attributes

  • auth_value

    79ef71b2b79b4bbfc450d11fa1720cea

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1936-239-0x0000000000400000-0x0000000000420000-memory.dmp
    .exe windows:4 windows x86 arch:x86