General

  • Target

    2992-77-0x0000000000280000-0x00000000002B0000-memory.dmp

  • Size

    192KB

  • MD5

    f7bf02bc1f79d2bbe68283972ef10fe0

  • SHA1

    975b5e0e1bf6bc588fe22c318214931df0c8ceea

  • SHA256

    c07c9dd1cc2a2a883155af9b33a9613735d2264ad766826e8d91e45ec0718c8a

  • SHA512

    9112ae1fcd48cd9d3dc5a4bb143a5182fec89d45c2be35ff478fbc659334b644ac7c480cddfe7b3b50d06a3db613c46b5a38b8d9b3731cd33cb14b54f09406b7

  • SSDEEP

    1536:fDrRuq1Ps36sv0W7TRVOQM6fwrHwhn/rQbg5fb25LxNcqYQHnbuxaNLQmpTu0Gks:b8sO/O2DnEba0LxNEyPNcmpTua8e8hT

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kira

C2

77.91.68.48:19071

Attributes
  • auth_value

    1677a40fd8997eb89377e1681911e9c6

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2992-77-0x0000000000280000-0x00000000002B0000-memory.dmp
    .exe windows:4 windows x86 arch:x86

