General

  • Target

    1520-276-0x0000000000780000-0x00000000007B0000-memory.dmp

  • Size

    192KB

  • MD5

    f7a7f777bb984dc859a96549c5e4a83b

  • SHA1

    91f580e73023bb1d784bbfb96127d23b112accbf

  • SHA256

    7af8cd880d4cf26d69c03bc4c4b768a708aebb68f539f12443ad380e4c6f7c86

  • SHA512

    67ec18f5e3fc49df2c4b863df52c8650021a8ceaf0056dbbaa29bf810c17e2c735deec468ea9647698cd9f0430544cd9cccf8316c24f54ce1225ee6386b226c8

  • SSDEEP

    3072:7TsCziRmKPvwL/2rSlllF+HxN6AtjJXOQ8e8hB:7THqXwaWlllF+CMXOQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

smoke

C2

83.97.73.131:19071

Attributes
  • auth_value

    aaa47198b84c95fcce9397339e8af9d4

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1520-276-0x0000000000780000-0x00000000007B0000-memory.dmp
    .exe windows x86

