redline | 1804-203-0x0000000000F80000-0x0000000001744000-memory[.]dmp

General

Target

1804-203-0x0000000000F80000-0x0000000001744000-memory.dmp
Size

7.8MB
MD5

f8f1d8dfe86d5384968ef0f5331d3f78
SHA1

30b60d30291bb2f1dbbde2e17f333af9a4f6435b
SHA256

ef9a5c04ff3a0f2fb708db5ccdbcb2a7f29bc196459b5931ed8ce2ec938616e9
SHA512

d5255cf59143d0e2565b69930c5e9663a674e2bb2c1173f698937aa3fd4b8ad08031960518a4da5babace9e0bf3c1f4510ae98ff15445fd80df8fc6976da7ae9
SSDEEP

98304:w3pEPFZqxpi8lZgxKq9t5ZoW01OlaezaogHODyOCGVitJ7JfTrwFZ94:wk+ZItnGWqeOdOucVaVfsS

Score

10^/10

Family

redline

Botnet

LogsDiller Cloud (Telegram: @logsdillabot)

C2

217.182.15.146:7357

Attributes

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1804-203-0x0000000000F80000-0x0000000001744000-memory.dmp