General

  • Target

    1696-112-0x0000000002140000-0x0000000002184000-memory.dmp

  • Size

    272KB

  • MD5

    b718c4fbdec39b3e4cd52140720b8490

  • SHA1

    ed6197a90e07cbbeca9c8d928283f8b77684ea8e

  • SHA256

    4c916d22f3c7cef67bed388fabe122e8c5875f2b1728629240505ab3593b4771

  • SHA512

    e9bc1d62aa0cabff6162020f99224fcb1f8a484c5658f6a31f58ebfeae82f9cd86dbd07e2210c24df0ec1e9ae7e326020615ebbece046477d6dfbdcfdf5b787b

  • SSDEEP

    3072:R6j4ELN6FY9CYTk/XesXDCwrsmLoJNT4A1MiYo40KaFpsh0zniVavP6xNn2pU9fv:R6ji0Q/j+wzLoJNT5ME/sh8nN

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

romka

C2

193.233.20.11:4131

Attributes
  • auth_value

    fcbb3247051f5290e8ac5b1a841af67b

Signatures

  • RedLine payload (1 IoC)
  • Redline family

Files

  • 1696-112-0x0000000002140000-0x0000000002184000-memory.dmp
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

