General

  • Target

    1116-125-0x0000000000400000-0x000000000042E000-memory.dmp

  • Size

    184KB

  • MD5

    0b067ee1aece475ceabaeed6cc4b570c

  • SHA1

    bf69e5712fdba880b1652bbf68c784f35f92189c

  • SHA256

    c57853cdc1c6f2f94dc954696ec379772287cffcdb331d9d468af6d59e19fd10

  • SHA512

    cb356f08e37a16e8829f61f001ef5833e214928a9f94fffe5de06019c6477a0139ed91ccfbdd0612b03e17504344c8d0f190341ed32a38e5dd890bc108109ebd

  • SSDEEP

    1536:/TXbeqhVZCGW+WEVPhq8Wg8fnv5RCNTGqVYFWbuME0aQ5ZDr/e84wYks8e8hH:LLXWb8WgMv75qVYsKaZDr/eZ8e8hH

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

metro

C2

83.97.73.126:19046

Attributes
  • auth_value

    f7fd4aa816bdbaad933b45b51d9b6b1a

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1116-125-0x0000000000400000-0x000000000042E000-memory.dmp
    .exe windows x86

