General

  • Target

    1644-97-0x0000000000250000-0x0000000000280000-memory.dmp

  • Size

    192KB

  • MD5

    ec25804534bfd0be9f1c77765f5090fa

  • SHA1

    d3a10a5e29c9b68f53d7b29849291b3e42039df7

  • SHA256

    c63037228ddde6b68d533b7128149985f14aac963502055993a52cb286a85701

  • SHA512

    f2ffc3b1d8dcc18880dd0261fc57b9e44a2560b5a4ca9e08d029c866d747ed6eb6c2adb2fb8e4b3b6e7ee9767697f1c2c1ad113beae18daf4f452a22d3a0400a

  • SSDEEP

    3072:X47FCYO0NJQ5S0xNcIA7qVJeNGU8e8hy:Xvd0AEnCVJeNGU

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

drake

C2

83.97.73.131:19071

Attributes
  • auth_value

    74ce6ffe4025a2e4027fb727915e7d7c

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1644-97-0x0000000000250000-0x0000000000280000-memory.dmp
    .exe windows:4 windows x86 arch:x86

    Headers

    Sections