General

  • Target

    3524-254-0x0000000000560000-0x0000000000590000-memory.dmp

  • Size

    192KB

  • MD5

    415597de6b8fd89aa48948c6933fdb08

  • SHA1

    e26fdbb600e48f1b8d1f970e967ad85b735b2a9f

  • SHA256

    ae53f25e300e72f085bdee4c5fe9c50418490d64517311f88d0eac70a63847c5

  • SHA512

    f3b2a490697ffbd7e99afdfe8d41ed5accbfd23a8e79aa76b6cc521e06ab3fddcf04236aa2f0b5adb317ba4f25b32289840c272c741b042f7a6172877c614465

  • SSDEEP

    1536:6hbEey6y36sv0W7TDGOIrHuyk7xk2W5/uGxNFVYQffbuclGHQ4N0GkRR8e8h3:6lEebE6Cyk9i5/uGxNMS3azNW8e8h3

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

bruno

C2

83.97.73.134:19071

Attributes
  • auth_value

    b23e240c277e85ce9d49d6165c0a2b48

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3524-254-0x0000000000560000-0x0000000000590000-memory.dmp
    .exe windows:4 windows x86 arch:x86

