General
-
Target
1956-190-0x0000000000400000-0x000000000042A000-memory.dmp
-
Size
168KB
-
MD5
f2c279c07568b7eb08f75af3616651eb
-
SHA1
4b6a40df9d257fd0905318416157ff22c7998b94
-
SHA256
1ec23c7e22559c651a672b8c83d03212beae280a9195c2618f67a0d08723d840
-
SHA512
b39d206a2ce90886eb36f1a16a5e6f8641d8f2f9fc4575ccf8086643b7a2fef5091a3138c3803c3d4f00b882d6f877a7be79c28c81982aa121f472929ac5c9f1
-
SSDEEP
3072:GV+m5czQmRS9KeyNefOax1GKhwZt8e8hQ:GjKZQf4KhwH
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
naher
C2
185.161.248.25:4132
Attributes
-
auth_value
91f06fcf80f600c56b2797e1c73d214d
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1956-190-0x0000000000400000-0x000000000042A000-memory.dmp
Headers
Sections