General

  • Target

    1516-123-0x0000000000920000-0x0000000000950000-memory.dmp

  • Size

    192KB

  • MD5

    f9db52fe3df08778bb078ada745c1d98

  • SHA1

    da3b143e91de0abb72925a61f96163eb7b4ad995

  • SHA256

    2b80857a804261079ef49966109d4259dee653db575654e7071e295373fe7216

  • SHA512

    af93dec4ff8832e8dc62480ed736bd37679db777a0d5fdea232e03fc2db504072beb519c2eb8813282d91e735f1484977f8845c9085ff4fc3f35eb9f18d940ca

  • SSDEEP

    3072:dnOrlpyS3xp5xN1yJ/4BMzxUdE/+8e8h+:dOf7flBMzxUdE/+

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

narko

C2

83.97.73.134:19071

Attributes

  • auth_value

    a9d8c6db81c7e486f5832bc2ee48cb84

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1516-123-0x0000000000920000-0x0000000000950000-memory.dmp
    .exe windows:4 windows x86 arch:x86