Resubmissions

13/03/2024, 10:41

240313-mq6dwabb8y 10

13/03/2024, 10:40

240313-mqm8asbb7z 10

General

  • Target

    836-113-0x0000000000270000-0x00000000002A0000-memory.dmp

  • Size

    192KB

  • MD5

    52915b67a6c6658e9d0f7333890d73c3

  • SHA1

    53fae7af5929eb89899a8dd0b7c545592261ab4f

  • SHA256

    38fe04757e5ea645f94e184988c17576aa9548ac6ffa51946dbd5834f9d571a9

  • SHA512

    f17d2e4a7ae8b1f87fa8b789e88c449c42fad7502ede99017da5f4f1194048e4a43b614b0a515ed35c72435797126c9d4d91a09d22b17e9a14863427b9774980

  • SSDEEP

    3072:dnOrlpyS3xp5xN1yJ/4BMzxUdE/d8e8h+:dOf7flBMzxUdE/d

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

narko

C2

83.97.73.134:19071

Attributes
  • auth_value

    a9d8c6db81c7e486f5832bc2ee48cb84

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 836-113-0x0000000000270000-0x00000000002A0000-memory.dmp
    .exe windows:4 windows x86 arch:x86

