General

  • Target

    4436-202-0x0000000000700000-0x000000000072A000-memory.dmp

  • Size

    168KB

  • MD5

    77e94c8595dae3d08927a4feff61b1ef

  • SHA1

    8eabe03de3ed6d795233b992383d0a974f1e4bfd

  • SHA256

    add71667d1901fd5e49dde34051fdd1175c948cdebfc88066243dc95cfb54c67

  • SHA512

    dd457a17e21b48c622de7201c122c7471e6e458d1ca3eb9d1ca47f5e01af19daa2484e119ae5c6753dfeab7f846271804911f283e63860fe7628fe9cd9c4d27c

  • SSDEEP

    3072:PV+m5c/QmRSNp2Tm1bENx3Gh6ZV8e8hU:Pj2w+nGh6f

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

greg

C2

83.97.73.122:19062

Attributes
  • auth_value

    4c966a90781c6b4ab7f512d018696362

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4436-202-0x0000000000700000-0x000000000072A000-memory.dmp
    .exe windows x86

    Headers

    Sections