General
-
Target
552-122-0x0000000000340000-0x0000000000370000-memory.dmp
-
Size
192KB
-
MD5
b77c709bccd24d5699afd2c3d94c0eba
-
SHA1
f00588f532cd32b0f917dcd2bfcd56bdb59431ab
-
SHA256
845946f5f5b9ad22285381a2ea1bac7eeed62e8f4b961285221ba3cd67da6ebf
-
SHA512
a46f8a020f24f60b38049ccbea7b72e30b7b4dd501702cc989922a2f38a1c700044f7bce760cc9df79d3dd7e296479e0bfdf4a88eb4741e614152d5dc9721d4b
-
SSDEEP
3072:QEV5bSQxA6IldyYxN3KVaxLzzUY472/8e8h9:QEFAlW8TLzzUY472/
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
novak
C2
77.91.124.49:19073
Attributes
-
auth_value
31966dcd1c6ca86e6e8b0a259f9d8ffd
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
552-122-0x0000000000340000-0x0000000000370000-memory.dmp
Headers
Sections