General
-
Target
1332-54-0x00000000001C0000-0x00000000001E6000-memory.dmp
-
Size
152KB
-
MD5
6da7a19e95748d7001041dd979589de6
-
SHA1
61add0c597d28c0f86b92abf1439af4e7871227a
-
SHA256
b152fe2b93668cd7ff79d086498087f69aac7148ade48b4fea5398f790207192
-
SHA512
f3fe14248664000c74c0d28f29f7f1434f21a2a8c60dd15bcd58a4df8ab70d979ab2eb6d706565420596f73c3ea69436570c20af624cdd3b669a9313288fc4cf
-
SSDEEP
1536:JaNcnVHT1O/oDuZeK+fbkmC38z4FV9sCh4jQRbV7T/p9bisYgibfbFDKsRd:ENcZZiqDkmU8zg2CD5BRtYgafJld
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
YT CLOUD
C2
176.123.9.85:16482
Attributes
-
auth_value
ed18eb42e6b1ea9ddfbe4d953bd36094
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1332-54-0x00000000001C0000-0x00000000001E6000-memory.dmp
Headers
Sections