General

  • Target

    1336-105-0x00000000022E0000-0x0000000002324000-memory.dmp

  • Size

    272KB

  • MD5

    ddcf5d933252d529ae363e6a8529eb27

  • SHA1

    093186f1efd8b824ead39c64dd73d9f034028fc7

  • SHA256

    12e86e3881aa2a871e4c03d7e030725652b337fb529cd97a1dd31cba844e5a08

  • SHA512

    a7320444c08d3afff7d7eb409a97d71a2e4f33250c72f74bd67725e690e950b51eaec4e3d442974cae657a2861ad66731fbaa7bc5fdc99690e1b4a13f153f13a

  • SSDEEP

    3072:p6j4ELH6Vt7CENpmh6sLKR+utY/edHbpiWo40mTJghm0nlQoYKgQmExNn2pU9f2O:p6jgppZsLKwuAexbpZghdnlQH5Q

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

romik

C2

193.233.20.12:4132

Attributes
  • auth_value

    8fb78d2889ba0ca42678b59b884e88ff

Signatures

  • RedLine payload 1 IoCs
  • Redline family

Files

  • 1336-105-0x00000000022E0000-0x0000000002324000-memory.dmp
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

