General
-
Target
1412-94-0x0000000000870000-0x00000000016E0000-memory.dmp
-
Size
14.4MB
-
MD5
6866e8ad22be946a164ba3bebc09898c
-
SHA1
6038d69afa1267d61b274dfe0adea51adfd6d359
-
SHA256
2aaa75b4ee19271717495df84372924164d022c73d98c9da26651a8817b9985a
-
SHA512
f3f93f3a04529f298f89de94031feb36437b5243da602018e7ad01a7f9552bcb04c5dbfa4967c40d28670880dc04bf70fc60bee3450ca378812ff17333a9d8e4
-
SSDEEP
196608:5d7D1vhKC1aFYdHYGnDCCugu42Ea5IsfCz0vK0vYxlGKSm4FnwtKGTZuwfknfqj:LZQAdH/zfu3fnLAxEKS6HuJ
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
LogsDiller Cloud (Telegram: @logsdillabot)
C2
178.32.215.165:9203
Attributes
-
auth_value
c2955ed3813a798683a185a82e949f88
Signatures
-
Redline family
-
Themida packer 1 IoCs
Detects Themida, an advanced Windows software protection system.
Files
-
1412-94-0x0000000000870000-0x00000000016E0000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections