General

  • Target

    808-56-0x0000000000400000-0x0000000000428000-memory.dmp

  • Size

    160KB

  • MD5

    e20ee9e89671c3bb7533f5db29b88818

  • SHA1

    1d5957525b84146d32da1b695c18f5a3b6775ab2

  • SHA256

    2733f1d214ff7be0de97a96a0277df8c6a17c579332cc98eb1c3aa7d5f61d095

  • SHA512

    d2e09e10e7d6509cca808f45342b70ed7380d74e68b700239d969f9b63c650bab04ec146a4832173085cf9ece27f0e73d28083417d13e82d6214ad8144619011

  • SSDEEP

    1536:fUGETCd/RendDYASe/tmslJKB5F6bWE3K3vfAUOg5tbuc+I2PjiQQ0wuei1+b3d1:cGEKuDoGmjtAFg59FtCiQQhpKS

Score
10/10

Malware Config

Extracted

Family

redline

C2

37.220.87.2:29444

Attributes
  • auth_value

    0af0853d521d4c7f0f41f1f8969c3487

Signatures

  • RedLine payload (1 IoC)
  • Redline family

Files

  • 808-56-0x0000000000400000-0x0000000000428000-memory.dmp
    .exe windows x86

