General

  • Target

    928-111-0x0000000000EE0000-0x0000000000F24000-memory.dmp

  • Size

    272KB

  • MD5

    df300a63691e6b25dfb20b42810a91da

  • SHA1

    d9da39068a61509ff0cf8d2a18034caec5b8e20a

  • SHA256

    23706c62383db43a87567c67aaacb6df979900d35f5acac58b162a96ca39b94e

  • SHA512

    4cf7ff4908bbb5956418229b602392a71df6522e8072fc43997d3cf8e066534eceb1a950160bbe3524cfe5a2057cb477021a3713a31471fa46ab811f6e5e14d6

  • SSDEEP

    3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wix:B6jodYx9cYKpzwAAh3nz

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

ruma

C2

193.233.20.13:4136

Attributes
  • auth_value

    647d00dfaba082a4a30f383bca5d1a2a

Signatures

  • RedLine payload (1 IoC)
  • Redline family

Files

  • 928-111-0x0000000000EE0000-0x0000000000F24000-memory.dmp
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

