General
-
Target
896-56-0x0000000000400000-0x0000000000428000-memory.dmp
-
Size
160KB
-
MD5
9b56540c162640399c928bdf4185d7b8
-
SHA1
dc27d91e6292ae0f52473ed38c4cb00b59a3e6e8
-
SHA256
33e3d54f2f1aae322fe162740b77973cdb13af5a030dc7b201c142e79c4212c1
-
SHA512
b394e965514a4e093348b342831909708d738f5474779153ce115cfd81802db33184b75580ffbc7e8e23ad8f6b667b913687471437917a18d069e7b5aa671834
-
SSDEEP
3072:IYO/ZMTFL+pB1bRXluFZcHrrrrgrVKDFDyRXPhnSSMt:IYMZMBL+pBL1uFZc/sBPh
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
LogsDiller Cloud (TG: @logsdillabot)
C2
51.89.201.21:7161
Attributes
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Signatures
-
RedLine payload 1 IoCs
-
Redline family
Files
-
896-56-0x0000000000400000-0x0000000000428000-memory.dmp
Headers
Sections