General
-
Target
1572-188-0x0000000000400000-0x000000000042A000-memory.dmp
-
Size
168KB
-
MD5
cbc6145ae500e33f01db0d2a9356e0e5
-
SHA1
e2b2b06387eaa501293c086f9491aa6ce781462b
-
SHA256
c8304d58d5d33e3db29027eff32a0a5c6929a31fe6ec573b93c2491403998d9e
-
SHA512
3bd94946f8567656bf879e2a7c971df895830d7880b72816f9c55fff291db33d9b39a35df624f7b1c2fe2199bae043f6ffe51dc6588605367ae450cf1c8320d2
-
SSDEEP
3072:8V+m5cVQmRSxHBIvBIDNmggk29/rh2Z18e8hI:8j4lBIDoJhrh2f
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
warum
C2
185.161.248.75:4132
Attributes
-
auth_value
0bdb2dda91dadc65f555dee088a6a2a4
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1572-188-0x0000000000400000-0x000000000042A000-memory.dmp
Headers
Sections