General

  • Target

    1064-122-0x00000000002A0000-0x00000000002D0000-memory.dmp

  • Size

    192KB

  • MD5

    4a57e122748ae308a390746fed43515c

  • SHA1

    01a06ba17384aa9d292881960186a3549b0eabcc

  • SHA256

    e12e8fc23ff42179706ee9479d862aefb92538562294b24de53cda9023920f08

  • SHA512

    5e3a635e31c5b0ddb1fd8e0d997fa507ecedc39b02cd502fa900a00fc7d963fa4fc4e23241e13515454ec7b4258965cd20dfc0974f5e0932ed137d388f7d4a7b

  • SSDEEP

    3072:fEV5bSQxA6IldyYxN3KVaxLzzUY472R8e8h9:fEFAlW8TLzzUY472R

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

novak

C2

77.91.124.49:19073

Attributes

  • auth_value

    31966dcd1c6ca86e6e8b0a259f9d8ffd

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1064-122-0x00000000002A0000-0x00000000002D0000-memory.dmp
    .exe windows:4 windows x86 arch:x86