General
-
Target
1588-122-0x00000000002D0000-0x0000000000300000-memory.dmp
-
Size
192KB
-
MD5
0ba29a29c50e4c07db34ece9facc3958
-
SHA1
e6b9bd9b48ad849d42d20842ef01a08c4d3afe80
-
SHA256
07724cdb395851856648dfb53a7d439662c97aa1402763059523f47c6ac7ab0f
-
SHA512
e6010d622b4ac6f167d254ca11a5f8d15003a35f4b8e2d28d85ee26cdcf4a03a286a62bf89b3fc29b5788037b2bbb681c94a30f053920bcee414a4c09d8855b4
-
SSDEEP
3072:CEV5bSQxA6IldyYxN3KVaxLzzUY472M8e8h9:CEFAlW8TLzzUY472M
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
novak
C2
77.91.124.49:19073
Attributes
-
auth_value
31966dcd1c6ca86e6e8b0a259f9d8ffd
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1588-122-0x00000000002D0000-0x0000000000300000-memory.dmp
Headers
Sections