General
-
Target
1320-97-0x0000000000790000-0x00000000007C0000-memory.dmp
-
Size
192KB
-
MD5
9203c5b76dc4b3e1ab2571fd40713706
-
SHA1
eeb5fa76b05c53b12ca7ecd3446b18d556b46200
-
SHA256
3ebfa44fe6dceaf48cb07e813e9590515df3f01585349c8b9099504dc610b3b6
-
SHA512
9cb6c3bb901948b42d423004e98fd280db025b7a6271dcc2de9c2b4e64762f4f27669cf054fb5b4d857cd822d893be48c0520594e3d216b1153acfdc04c51a8f
-
SSDEEP
1536:LXzGzxuk36sv0W7TscooTrH6TuUa809jL1axN8oYQ/1buuatDaUFewS0GkRz8e8F:LXq8WHmiVrBaxNagg5aUFewSw8e8hX
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
boris
C2
83.97.73.129:19068
Attributes
-
auth_value
205e4fccc0f8c7da1d56fb1da4ac5e6a
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1320-97-0x0000000000790000-0x00000000007C0000-memory.dmp
Headers
Sections