General
-
Target
4956-254-0x0000000000570000-0x00000000005A0000-memory.dmp
-
Size
192KB
-
MD5
d894faff17c8e77a58ac88eff11ecd49
-
SHA1
89b991f4f2f96970ba929c36df1a5e8ac60565d1
-
SHA256
ba1b71017c0c35e32ce6ff058ed569a66a3f1ed8c9336cd5609d5a768d3a6220
-
SHA512
f72e158ea8c2493b6fc9f5914057d69eecef4a1827e4f4c80fbd6309d2a6ede26e781aaa6a5ea34a5a5b462b82afba11055a22014897f9023ae80f80ad0c9bd2
-
SSDEEP
3072:73sCziRmKPvwL/2rSlllF+HxN6AtjJXOF8e8hB:73HqXwaWlllF+CMXOF
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
smoke
C2
83.97.73.131:19071
Attributes
-
auth_value
aaa47198b84c95fcce9397339e8af9d4
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4956-254-0x0000000000570000-0x00000000005A0000-memory.dmp
Headers
Sections