General

  • Target

    1292-56-0x0000000000400000-0x0000000000432000-memory.dmp

  • Size

    200KB

  • MD5

    fa1dbf2ee45c2b8af530b3bcfcf7b382

  • SHA1

    9f9dccde0c9593486331797c576a8be9919f9e7d

  • SHA256

    524b54bc5022188a93ed3c79ca030265c4c3cc721b2c856021e26f17a223659d

  • SHA512

    e134790c7c3a7557bf221cfa2d0a47a4c339c8fa96c2b658e36bfc7999ef3eb070149da387efbb277f22540296a098c29421c729dae544e1d97c6b9124dd7b80

  • SSDEEP

    3072:FxqZWZRanU2n068446eGi9rhgPxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuwx:PqZg687vrh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

Cong

C2

199.115.193.171:48258

Attributes
  • auth_value

    aecbeec46b8431628af8ba12e4621a71

Signatures

Files

  • 1292-56-0x0000000000400000-0x0000000000432000-memory.dmp
    .exe windows x86

