General

  • Target

    1100-97-0x0000000000250000-0x0000000000280000-memory.dmp

  • Size

    192KB

  • MD5

    afc29563c006ef471522d62c9bcd9afc

  • SHA1

    7fe410424c3ad16a20264d224f2cd02b3826a142

  • SHA256

    1be5838cb38805dbd79714422a96113260816fe557f5c403330c379b3f000a53

  • SHA512

    09e15e79032d0c7f5ca8d592d3cee9e9e65bab60b07e6ac415e3da799c6f7e56bcc63654139840bc67b70f75e881d65d81041fa47ca0e14813baa34d95600271

  • SSDEEP

    3072:Wjl4PlApPoj9W4dBUTp+t4cxil6xNjirMdY1I55z8e8ht:WhvoPil+U1I55z

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

werta

C2

83.97.73.129:19061

Attributes
  • auth_value

    6e25ebacc579056d9e0c4bb3594012ad

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
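The "Unsigned PE" signature above fires when the image carries no Authenticode certificate. A PE parser detects that from data directory entry 4 (the Certificate Table) in the optional header: a zero size means nothing is embedded. The following is an added example that reimplements that check in Python; it is not the sandbox's own detection code. `build_pe()` is a hypothetical helper that fabricates minimal PE32 images for the demonstration, and the certificate blob it emits is a constructed placeholder, not a real PKCS#7 SignedData structure.

```python
"""Minimal PE header inspector: machine type, subsystem and whether an
Authenticode certificate (Certificate Table, data directory entry 4) is
embedded. Added example; build_pe() constructs sample images inline."""
import struct

IMAGE_FILE_MACHINE_I386 = 0x14C
IMAGE_FILE_MACHINE_AMD64 = 0x8664
IMAGE_DIRECTORY_ENTRY_SECURITY = 4       # Certificate Table slot in the data directory
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # Authenticode blobs are PKCS#7 SignedData

MACHINE_NAMES = {0x14C: "x86", 0x8664: "x64", 0x1C0: "arm", 0xAA64: "arm64"}
SUBSYSTEM_NAMES = {1: "native", 2: "windows_gui", 3: "windows_cui"}


def inspect_pe(data: bytes) -> dict:
    """Parse DOS/COFF/optional headers and classify the signature state."""
    try:
        if data[:2] != b"MZ":
            raise ValueError("not an MZ executable")
        e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
        if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            raise ValueError("missing PE signature")
        coff_off = e_lfanew + 4
        machine = struct.unpack_from("<H", data, coff_off)[0]
        opt_off = coff_off + 20              # COFF file header is 20 bytes
        magic = struct.unpack_from("<H", data, opt_off)[0]
        if magic == 0x10B:                   # PE32: 16 data dirs start at +96
            ndirs_off, dirs_off = opt_off + 92, opt_off + 96
        elif magic == 0x20B:                 # PE32+: wider ImageBase shifts them to +112
            ndirs_off, dirs_off = opt_off + 108, opt_off + 112
        else:
            raise ValueError(f"unknown optional header magic {magic:#x}")
        subsystem = struct.unpack_from("<H", data, opt_off + 68)[0]
        ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
        cert_off = cert_size = 0
        if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
            # Unlike every other directory, this entry holds a raw file offset, not an RVA.
            cert_off, cert_size = struct.unpack_from(
                "<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    except struct.error as exc:
        raise ValueError("PE headers truncated") from exc

    info = {
        "machine": MACHINE_NAMES.get(machine, f"{machine:#x}"),
        "subsystem": SUBSYSTEM_NAMES.get(subsystem, str(subsystem)),
        "cert_table_offset": cert_off,
        "cert_table_size": cert_size,
    }
    if cert_size == 0:
        info["signature"] = "absent"         # what the "Unsigned PE" signature keys on
    elif cert_size < 8 or cert_off + cert_size > len(data):
        # Pointer runs past the available bytes: typical for memory dumps, whose
        # layout is virtual rather than file-based. Do not call that "unsigned".
        info["signature"] = "truncated"
    else:
        # WIN_CERTIFICATE header: dwLength, wRevision, wCertificateType
        length, revision, cert_type = struct.unpack_from("<IHH", data, cert_off)
        if length < 8 or length > cert_size or revision not in (0x0100, 0x0200):
            info["signature"] = "malformed"
        else:
            info["signature"] = "present"    # embedded only; not cryptographically verified here
            info["cert_revision"] = revision
            info["cert_type"] = cert_type
    return info


def build_pe(machine: int = IMAGE_FILE_MACHINE_I386, signed: bool = False) -> bytes:
    """Hypothetical helper: constructs a headers-only PE32 image for testing."""
    e_lfanew = 0x40
    dos = b"MZ" + bytes(0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine, NumberOfSections, TimeDateStamp, PtrToSymTab, NumSyms, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)                     # PE32 optional header incl. 16 data directories
    struct.pack_into("<H", opt, 0, 0x10B)    # Magic: PE32
    struct.pack_into("<H", opt, 68, 2)       # Subsystem: WINDOWS_GUI
    struct.pack_into("<I", opt, 92, 16)      # NumberOfRvaAndSizes
    headers_len = len(dos) + 4 + len(coff) + len(opt)   # 312 bytes, 8-byte aligned
    cert = b""
    if signed:
        body = b"\x30\x82\x00\x10" + b"\xAA" * 16         # constructed stand-in for PKCS#7 bytes
        cert = struct.pack("<IHH", 8 + len(body), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + body
        cert += bytes(-len(cert) % 8)                      # Authenticode pads the table to 8 bytes
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, headers_len, len(cert))
    return dos + b"PE\0\0" + coff + bytes(opt) + cert


if __name__ == "__main__":
    for label, image in (("unsigned", build_pe()), ("signed", build_pe(signed=True)),
                         ("cut-off dump", build_pe(signed=True)[:320])):
        print(label, inspect_pe(image))
```

Two caveats matter for a target like the one on this page. The Certificate Table entry holds a file offset, so on a process memory dump it usually points past the end of the data; the example reports that as `truncated` instead of deciding either way. And `present` only means a PKCS#7 blob is embedded: confirming that it actually signs this image still requires hashing the file with the Authenticode exclusions and checking the signature, which this parser does not attempt.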

Files

  • 1100-97-0x0000000000250000-0x0000000000280000-memory.dmp
    .exe windows:4 windows x86 arch:x86

