General
-
Target
676-97-0x0000000000360000-0x0000000000390000-memory.dmp
-
Size
192KB
-
MD5
d621ba4403fb92358cbdde74f8fb1e55
-
SHA1
345151d2e8fe44334afcfb8a5ed0be497f78dad7
-
SHA256
a443e1ff44d68102fc0b9f7dfc421d20f894250f678886d2ad01b22f5777e3e0
-
SHA512
8dc28d96f202728898cc6eff699974d2d6ac18f31c079b8da5ab50ff1c491fc5991677d55d7e8527d4e6ae2f19aabf72965a0854e7a2fb9ccba099c0605a3257
-
SSDEEP
3072:aAWi/g1IzuRb5xNAKY73zOyuj++0i8e8hk:azi/+VCHuyuj++0i
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
nowa
C2
77.91.124.49:19073
Attributes
-
auth_value
6bc6b0617aa32bcd971aef4a2cf49647
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
676-97-0x0000000000360000-0x0000000000390000-memory.dmp
Headers
Sections