Overview

overview

10

Static

static

10

860-97-0x0...ry.exe

windows7-x64

1

860-97-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    860-97-0x0000000000360000-0x0000000000390000-memory.dmp

  • Size

    192KB

  • MD5

    609d4fed757d01516ce66b07c19514d6

  • SHA1

    9cd431e99c4161ca08bb402f4af459b1808e7ea8

  • SHA256

    e759a9ab4be55f2964a224a3985baebf21e9db8d9be85706fefc0f593b54efc4

  • SHA512

    21d5c513dbb41d9e598683973e52d93df98127b472bd75ee242aa4dc322607b30ebb87103fc57300f5b7fa59812d61181c4eee0f2bfdab037cde483d74d67fe7

  • SSDEEP

    3072:g47FCYO0NJQ5S0xNcIA7qVJeNGF8e8hy:gvd0AEnCVJeNGF

Score
10/10
drakeredline

Malware Config

Extracted

Family

redline

Botnet

drake

C2

83.97.73.131:19071

Attributes
  • auth_value

    74ce6ffe4025a2e4027fb727915e7d7c

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 860-97-0x0000000000360000-0x0000000000390000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections