General

  • Target: 1976-112-0x0000000002580000-0x00000000025C4000-memory.dmp
  • Size: 272KB
  • MD5: e97f04613b80f55c0d4d20ae8c16fdf8
  • SHA1: 85f6122f00ffd3bdc9e36e4626b423830727a2ce
  • SHA256: 9cb2859f5e2d5d8be4085662099e2cc896965d62563817a97c67b25d66468bd0
  • SHA512: 6338a99279a518a7c10a70967dac8aae89a905eae88a467db9f81b429df3c6875ee56397f3fbea9308b49da52765adfa754a89d686072945a4bafb4f94c2daf9
  • SSDEEP: 3072:p6j4ELH6Vt7CENpmh6sLKR+utY/edHbpiWo40mTJghm0nlQoYKgQmExNn2pU9f2O:p6jgppZsLKwuAexbpZghdnlQH5Q

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

romik

C2

193.233.20.12:4132

Attributes

  • auth_value: 8fb78d2889ba0ca42678b59b884e88ff

Signatures

  • RedLine payload (1 IoC)
  • RedLine family

Files

  • 1976-112-0x0000000002580000-0x00000000025C4000-memory.dmp
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744