General

  • Target

    2124-122-0x00000000003D0000-0x0000000000400000-memory.dmp

  • Size

    192KB

  • MD5

    6628c78c91be1cce1b52b4b16985cb0f

  • SHA1

    13e2a6dacd4e9d7c4ed04e1f3cea209eb9ff3fb6

  • SHA256

    5c9a3b42f15764483772a8d1286ac4bd314d714e17286271eadf8b2baaa25e2e

  • SHA512

    9f53f7c805cf466218309b6f2aae1620f98c423433cc161f38da75d66f63c6a4ad01ffd4e17b9ef9246511ecf28bd6503bc29776e07760693835333b5b52d1e9

  • SSDEEP

    3072:zO64zyFlJDGx0HqSYxNXUfMim4G3g8e8hE:jf1s0HZ8em4G3g

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

norm

C2

77.91.68.70:19073

Attributes
  • auth_value

    1514e6c0ec3d10a36f68f61b206f5759

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2124-122-0x00000000003D0000-0x0000000000400000-memory.dmp
    .exe windows:4 windows x86 arch:x86

