General
-
Target
1764-209-0x0000000000400000-0x000000000042A000-memory.dmp
-
Size
168KB
-
MD5
83a7eb15c7edf882a640f367c09ecb02
-
SHA1
c9b74ff841de6b1ab0b61456a28ac2ea0b5e0d98
-
SHA256
780c2a7dd13fc9b6039314202ae5dfc29e00421257de647e932265cdd6881e23
-
SHA512
fc9fab4c343b203576831597797f3928c190f9a49cc7ac2c37480af71167c8af15556b9e8dc0be0f5831c0db68b46a3fc61d40448ee4b5d294eac12a86de0b0a
-
SSDEEP
3072:3V+m5czQmRS9KeyNefOax1GKhwZt8e8hQ:3jKZQf4KhwH
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
naher
C2
185.161.248.25:4132
Attributes
-
auth_value
91f06fcf80f600c56b2797e1c73d214d
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1764-209-0x0000000000400000-0x000000000042A000-memory.dmp
Headers
Sections