General

  • Target

    100964-280-0x0000000000400000-0x0000000000428000-memory.dmp

  • Size

    160KB

  • MD5

    0510dbd55addc7a03bc85a1130b64328

  • SHA1

    387b1205789e4ae2de2c3e42b6e1de78e13d7dbf

  • SHA256

    b9bf729e7b7afe232b792891fe0528c76cc6153d9f72e4c0a08956d9ca298e23

  • SHA512

    52fa1b08193989ab2c845f84cfcf1ecda877a4bf3c9587f9f8258002fff5ba2b09adc18471e323d1445b6cdf13571ab0de928134bd0eaed09379063a99e33480

  • SSDEEP

    3072:dYO/ZMTFXHGJtjQ0lYpxN6VBDFvydPShhSSY6W:dYMZMBXHGJmWYpxNkQ9ShP

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @me_golds)

C2

77.73.134.27:7161

Attributes

  • auth_value

    e136da06c7c0400f4091dab1787720ea

Signatures

  • RedLine payload 1 IoCs
  • Redline family

Files

  • 100964-280-0x0000000000400000-0x0000000000428000-memory.dmp
    .exe windows x86
