General

  • Target

    804-97-0x0000000000320000-0x0000000000350000-memory.dmp

  • Size

    192KB

  • MD5

    b25ff9c07f802c5a2ecdb87daf78d590

  • SHA1

    826f895d4e49ac89650a4949a60bce92d8b4c079

  • SHA256

    afa57fce03c95fea4873ed1851729ab00d95132b5988dc90fa7fc038d3799fb7

  • SHA512

    9c73567de0874dc417f72adab29f6d2d71d8f9aa534f1641d3f086f0f515875cbdccd127d353f023f1086b7719c71edbb7fe549141c234559da57a4fbe667d77

  • SSDEEP

    1536:ThbEey6y36sv0W7TDGOIrHuyk7xk2W5/uGxNFVYQffbuclGHQ4N0GkR98e8h3:TlEebE6Cyk9i5/uGxNMS3azNi8e8h3

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

bruno

C2

83.97.73.134:19071

Attributes
  • auth_value

    b23e240c277e85ce9d49d6165c0a2b48

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 804-97-0x0000000000320000-0x0000000000350000-memory.dmp
    .exe windows:4 windows x86 arch:x86

