General
-
Target
360-56-0x0000000000400000-0x000000000042A000-memory.dmp
-
Size
168KB
-
MD5
2e46e811b55489498bd2875d0dd32d68
-
SHA1
dd5d2499958495ae84276367f3d0e7cc7c7e1df0
-
SHA256
c134e4ef442b8c86ed4ecfb09204f698a3f9370d76b1ff82c5d2cc3af4f8baf8
-
SHA512
213838d555dab409f4130c3f187d7ef043121d97af5b41911378c275be23b63a47a1686ff82879fea128f6f2f0cec5bb999a8cba25ce3b9ec8dd84ffe6da6e7d
-
SSDEEP
3072:xV+m5cRQmRSZNn5E8MxBoTyrPxnNh9Zd8e8hc:xjUIkomNh9H
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
PERSOM
C2
176.124.219.192:14487
Attributes
-
auth_value
0695a610af712a57529526101d7e83b2
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
360-56-0x0000000000400000-0x000000000042A000-memory.dmp
Headers
Sections