General

  • Target

    100892-172-0x0000000000BB0000-0x0000000000BD8000-memory.dmp

  • Size

    160KB

  • MD5

    794be1a9bbb7dacf8cf8cab595028988

  • SHA1

    28ab4a6b311ec019a1c4899bef3919d0826c7657

  • SHA256

    b94b7ae292d6990d36e8da24f52fd662241e2a4794b5f01e3891caa3e86adce1

  • SHA512

    7f8b1199c47a69542a6f261fdf3a89c0fe2736faf6d611272fc85bec5fafffd824960d9e3f4985e2c4c46e1b488b81175fb69b7a7ad72a5d748f52594aa925e7

  • SSDEEP

    3072:fYO/ZMTF1JcoA7hZMjlJXN2VLDFqyWPNhCSS96:fYMZMB1JcoK6jPXNu7mNh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

888888

C2

79.137.192.29:44873

Attributes
  • auth_value

    607a36cfae8c50c53ef92fc3086a32c2

Signatures

  • RedLine payload (1 IoC)
  • Redline family

Files

  • 100892-172-0x0000000000BB0000-0x0000000000BD8000-memory.dmp
    .exe windows x86

