Overview

overview

10

Static

static

10

864-97-0x0...ry.exe

windows7-x64

1

864-97-0x0...ry.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    864-97-0x00000000005D0000-0x0000000000600000-memory.dmp

  • Size

    192KB

  • MD5

    cdc0f5864ae2f35d503dbfe26ca41979

  • SHA1

    f4ef75488496dd247720ed79a6b6870eb298f9dc

  • SHA256

    999d7d13b6534809dd286e29db87a29d6ab50d51ba8c19cbb123342a969fb028

  • SHA512

    6b095a9a251a44a6bf2731b5f47cca73211087af2e3f2fe903c749cacfe574d93943868d4e2e868737151e517176d24e9ea40f27737a7104e8ff719cf4d79f46

  • SSDEEP

    3072:247FCYO0NJQ5S0xNcIA7qVJeNG88e8hy:2vd0AEnCVJeNG8

Score
10/10
drakeredline

Malware Config

Extracted

Family

redline

Botnet

drake

C2

83.97.73.131:19071

Attributes
  • auth_value

    74ce6ffe4025a2e4027fb727915e7d7c

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 864-97-0x00000000005D0000-0x0000000000600000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections