General

  • Target

    0x00090000000122ea-78.dat

  • Size

    172KB

  • MD5

    90484c1a51ac1f658086d5f4c73a5960

  • SHA1

    558a8bc3175784aa11b997d0ccbd2eba178933ff

  • SHA256

    717d55caf5aa48d1785a107ff66846b9b7347cf4d19a2a32f7585cc7fb3d7899

  • SHA512

    c644878b384c6020c8f2c884a84d52c10523ac0ab8092d473462f03e031771df1ec78f6f784857a01b14376fdb8dafd38e4d0df5dea49e9aa7a155d1b661a066

  • SSDEEP

    3072:HWKe1kiJtebRavRJxNv4nFkbgWoHn8e8hI:HWcUt1RZbgWoHn

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

duza

C2

83.97.73.129:19071

Attributes
  • auth_value

    787a4e3bbc78fd525526de1098cb0621

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0x00090000000122ea-78.dat
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

