General

  • Target

    920-54-0x0000000000280000-0x00000000002B0000-memory.dmp

  • Size

    192KB

  • MD5

    90f13079b0a9318ea5d7cf958341bad5

  • SHA1

    f20648a1c5158bd0d0057b40ce56da6a020a47df

  • SHA256

    9d5cf2732cd0bf8496e258d9dac477b3b63c79dd500d7995716bc728a9edec86

  • SHA512

    8f404e3a413f81ee7026a027d897c6a59d98fd6099b80e40b8c9879c1a72b701d062a453bb444d1af4baf89f8dcc913beae7c8f229193d992de582b3f3f90ac4

  • SSDEEP

    1536:mhbEey6y36sv0W7TDGOIrHuyk7xk2W5/uGxNFVYQffbuclGHQ4N0GkRP8e8h3:mlEebE6Cyk9i5/uGxNMS3azNM8e8h3

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

bruno

C2

83.97.73.134:19071

Attributes
  • auth_value

    b23e240c277e85ce9d49d6165c0a2b48

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 920-54-0x0000000000280000-0x00000000002B0000-memory.dmp
    .exe windows x86

