General
-
Target
4820-265-0x0000000000500000-0x0000000000530000-memory.dmp
-
Size
192KB
-
MD5
c4934f8f86849db309ed2f181b04013d
-
SHA1
660674b9387ca2dc2a0a31abf847102248677cca
-
SHA256
4d53d83cb0fc488d9377e8d80f7592b3381ba9f7a67dc5e0202d58f360985364
-
SHA512
d2c9442e5fde57b4567d6382e4677778727faede7afb3df4500f0bc55e417786240d17c5cab52ea62a6d2ebd8cd445f4d68c946d263029a3fc7f0d390187fc13
-
SSDEEP
3072:DugKpIKa2ZAUe2Bp4xNC25XS+0GuP8e8hO:Du35ZAJgpJ470GuP
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
newdomenbuil
C2
urelishavea.online:80
Attributes
-
auth_value
3f57eb8802ec1ee7acaa6e6da0537c27
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4820-265-0x0000000000500000-0x0000000000530000-memory.dmp
Headers
Sections