General

  • Target

    1492-93-0x0000000000250000-0x0000000000280000-memory.dmp

  • Size

    192KB

  • MD5

    6a8933ac9034cdfe14f21ff00bdb420e

  • SHA1

    0edf351dd077d5ebd100aa295ebed65111233b6c

  • SHA256

    9d49e2208902cba995777fc0161ca4ac9bab3a38a76d473c849f194dcf200ee3

  • SHA512

    96e41939aa029430651d01f36a8372d54b88862ee205400a84badf3894f0abc115492419932049a4322ca8289a7fa4b307247d1ce3229cd8b09b503d64581f00

  • SSDEEP

    3072:h7FcUMo+9XJIZYExNjGof40fz4k8e8hE:hFzoZLs3jz4k

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

furga

C2

83.97.73.128:19071

Attributes

  • auth_value

    1b7af6db7a79a3475798fcf494818be7

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1492-93-0x0000000000250000-0x0000000000280000-memory.dmp
    .exe windows:4 windows x86 arch:x86

    Headers

    Sections