General

  • Target

    1704-141-0x0000000000460000-0x0000000000490000-memory.dmp

  • Size

    192KB

  • MD5

    ba3e7025f840360359c4447e9609b33c

  • SHA1

    c8a51c18a1befc234402978fddacb6a3ec60f897

  • SHA256

    e5f3f8aa921b1404bafc705623d88f1956245cbf8984c156629f8def845fb3f9

  • SHA512

    ebb9408a781ad3de397c5cb1b0f3fc0964856c48c44f38377316bf785775c79679bf676dfe899aeb4b22946f15aba88d6840ad5dc129227819904e802bdc21d1

  • SSDEEP

    3072:2ZtDiwyqSVghBGfAGtTjxNKifvWPxn28e8hy:yibuhM5ZmnPxn2

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes

  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1704-141-0x0000000000460000-0x0000000000490000-memory.dmp
    .exe windows:4 windows x86 arch:x86