General

  • Target

    2420-54-0x0000000000280000-0x00000000002B0000-memory.dmp

  • Size

    192KB

  • MD5

    aff7050f60e1e594e767b298bffc24ab

  • SHA1

    6ac42dfe34bf72c2acc54cef263fca0a7cd5d054

  • SHA256

    9e838044b8b4b3677781fee5026a3bd37457434e51b6c1d53bcbcc6d39c3bc01

  • SHA512

    8d2f774f7edee3338fc2696fb5918403dcc7626492a7a1cafcb52d57e564585f30562583443de68c21e26d9bbb448c642c309db1c54b16c2e1ba97c938d7954d

  • SSDEEP

    3072:PAWi/g1IzuRb5xNAKY73zOyuj++0A8e8hk:Pzi/+VCHuyuj++0A

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

nowa

C2

77.91.124.49:19073

Attributes
  • auth_value

    6bc6b0617aa32bcd971aef4a2cf49647

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2420-54-0x0000000000280000-0x00000000002B0000-memory.dmp
    .exe windows:4 windows x86 arch:x86