General

  • Target

    576-97-0x0000000000270000-0x00000000002A0000-memory.dmp

  • Size

    192KB

  • MD5

    1d00f2aae85847fcc07406829fdcb6a9

  • SHA1

    97cdeb60ba276e01c610a9c7f7005ee6f83a12e5

  • SHA256

    fa1ac6f092eadcb82a36b468dbdb6c8fe0e9b5bbe4793902b7602c3a3d4265d9

  • SHA512

    ec0e36dd8e486f5d177cd0aff492325450f23d53f80c3cd9c9dc5bbd3693c9f4ba8b7859ac68d8115d58992306c88c9ebc20d95c6a5151abb3246abc5364ecaa

  • SSDEEP

    3072:M47FCYO0NJQ5S0xNcIA7qVJeNGy8e8hy:Mvd0AEnCVJeNGy

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

drake

C2

83.97.73.131:19071

Attributes

  • auth_value

    74ce6ffe4025a2e4027fb727915e7d7c

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 576-97-0x0000000000270000-0x00000000002A0000-memory.dmp
    .exe windows:4 windows x86 arch:x86
