General

  • Target

    1908-127-0x0000000000090000-0x00000000000BA000-memory.dmp

  • Size

    168KB

  • MD5

    a22af0e993f4892ad8b6b5e87bf3a55e

  • SHA1

    757df7bdac50d5d14d4f86c0b94ad02bdede930c

  • SHA256

    6b6e6e5b686f67bfe5bed51b8234eb000997f9f05bc310512d332c691e81ead9

  • SHA512

    94fe1ebb668e0595922316caceacab145a121ab4425a7480bb30bc0a3253b461e8f39b0773031187114a072505ff231d1949e4b70a0542769475c3c8904bc1c7

  • SSDEEP

    3072:BV+m5cNQmRSxkjU3SDYwihyCNhiZW8e8hZ:BjwhDgpNhiY

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

fash

C2

83.97.73.122:19062

Attributes
  • auth_value

    dd7165bcd22b0ed3df426d944e12f136

Signatures

  • Redline family
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • 1908-127-0x0000000000090000-0x00000000000BA000-memory.dmp
    .exe windows x86

