General

  • Target

    102644-171-0x0000000000400000-0x0000000000428000-memory.dmp

  • Size

    160KB

  • MD5

    251dc600fc64e1163310aaa93bc6d067

  • SHA1

    9bbe4f81219173ec481c950b733e329d38e65bad

  • SHA256

    b68b643a25932dad2ad6b9e15e7b9b38205317d4318ab2f537a239c553d17d3c

  • SHA512

    bb92a7cd6aeebe5e4275bd3bcc4793137054a07f866a58ce226e59304d3eabfdde09616d72731879c95ccc7127e6259874f33078a286d3886a9abdf383e5f82d

  • SSDEEP

    3072:MYO/ZMTFjbSI4r7Cr3fqD0VsDFuymXPh5SSocj0:MYMZMBjbSIM23fqD/bmPh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

install

C2

212.8.244.233:43690

Attributes
auth_value
cbce7277fef2185d93b8332df3940ad5

Signatures

  • RedLine payload ⋅ 1 IoCs
  • Redline family

Files

  • 102644-171-0x0000000000400000-0x0000000000428000-memory.dmp
    .exe windows x86