General
-
Target
656-56-0x0000000000400000-0x000000000042E000-memory.dmp
-
Size
184KB
-
MD5
8bd903ab2777bdd21387e5d84ab64076
-
SHA1
878afdca8aa3c2e407799047ec01f4ea6d8261a6
-
SHA256
8c4c0fd470bef9fd7ce3a4df315581fc5ded21bb82d46b885d6356be1fb91be6
-
SHA512
53744bcf6c2b1a4c674586a3b2620ecda0d70de88e50eb0bd1cde9c968571156903f87d1c7d001dc9c5a8158473ff24a6bcd25dff0d1c17bcb8815c958187440
-
SSDEEP
3072:F58+8WBdP///////////////////////L///////////////////////D/QvDEq:F5ltvfoXxUw1
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@ddrainnnn
C2
guongelasenne.shop:80
Attributes
-
auth_value
57a010a51287edff787695c43a290499
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
656-56-0x0000000000400000-0x000000000042E000-memory.dmp
Headers
Sections