General

  • Target

    1376-135-0x0000000000090000-0x00000000000BE000-memory.dmp

  • Size

    184KB

  • MD5

    72b038903d84743dbbb8bab9b71b51a4

  • SHA1

    448924c78a63fd1cdb5d7cf14bc46fc33c6049bb

  • SHA256

    9038408af7e66b95311eaa68322a7c76ef66efe75d8894ae9581dbf8b71974fe

  • SHA512

    1544d2ef789d322c79fe1caef05f74a696ca4c34c78ad61a52d83e260248a7de0fef1793898e71f4f73e47812b7d3a3910fa904c2be19f744c40df9c60cf7eab

  • SSDEEP

    1536:haIRzICbajb+qhVZCGWDdmWPoQ8Wc94NiHjS4Z1oUg6TGqV4VWbuBNkqYvMd84wm:jsznuH8WcaN2jxsqV4cUK1vMdq8e8hJ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

metro

C2

83.97.73.127:19045

Attributes
  • auth_value

    f7fd4aa816bdbaad933b45b51d9b6b1a

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1376-135-0x0000000000090000-0x00000000000BE000-memory.dmp
    .exe windows x86
