General

  • Target

    268-83-0x00000000002A0000-0x00000000002D0000-memory.dmp

  • Size

    192KB

  • MD5

    1a9290304cb2c4659df135b2a7daff14

  • SHA1

    c5152d8887c88233137022835395c53ba6263a39

  • SHA256

    fff86280505b70133e7b28430b5729913163a3dab61c4531f595d275f826d34a

  • SHA512

    78c411b179d6d732e15e1235c68b9ef7d1d541921925915ea454eea63bb46bd0b7307091007b490c5292fa03dc7f494ed0d1ae78dce09f0fba9300a5408765bc

  • SSDEEP

    3072:+tE62xyQ6d+VeXdxNLgVK880EHF8e8hK:yEmOA9S80EHF

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

andre

C2

77.91.124.49:19073

Attributes
  • auth_value

    8e5522dc6bdb7e288797bc46c2687b12

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature. Note that the target is a memory region carved from a live process, not an on-disk file: the Authenticode certificate table is referenced by file offset and is never mapped into the image, so it is absent from a dump even when the original binary was signed. Treat this hit as weak evidence on its own.

Files

  • 268-83-0x00000000002A0000-0x00000000002D0000-memory.dmp
    .exe windows x86
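The two facts the sandbox reports about this file (".exe windows x86" and the "Unsigned PE" hit) both come from the PE headers. The following is an added example, not the sandbox's own detection code, of how to recover them from a raw buffer with the standard library only: it parses the DOS/NT headers, reads the machine type and characteristics, and checks the Security data directory (index 4) for a well-formed WIN_CERTIFICATE table. The sample images it runs on are constructed inline; the "headers only" variant mimics what a carved memory region looks like, where the directory entry survives but the certificate bytes do not.

```python
import struct

# PE/COFF constants (from the PE specification)
IMAGE_DOS_SIGNATURE = 0x5A4D          # "MZ"
IMAGE_NT_SIGNATURE = 0x00004550       # "PE\0\0"
IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_FILE_MACHINE_AMD64 = 0x8664
IMAGE_FILE_DLL = 0x2000
PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B
IMAGE_DIRECTORY_ENTRY_SECURITY = 4    # Authenticode certificate table
WIN_CERT_REVISION_2_0 = 0x0200
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002

MACHINE_NAMES = {IMAGE_FILE_MACHINE_I386: "x86", IMAGE_FILE_MACHINE_AMD64: "x64"}


def inspect_pe(data: bytes) -> dict:
    """Parse PE headers and report architecture, image type and Authenticode presence.

    The Security directory is special: its first field is a raw file offset (not an
    RVA) to the WIN_CERTIFICATE table, so the table exists only in the on-disk file
    and is never part of the mapped image. 'signed' is True only when a well-formed
    table is actually inside the buffer; 'security_entry' exposes the raw entry so a
    caller can tell "entry present, bytes missing" (a dump) from "no entry at all".
    """
    if len(data) < 0x40 or struct.unpack_from("<H", data, 0)[0] != IMAGE_DOS_SIGNATURE:
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or struct.unpack_from("<I", data, e_lfanew)[0] != IMAGE_NT_SIGNATURE:
        raise ValueError("no PE signature at e_lfanew")

    coff = e_lfanew + 4
    machine, _nsect, _ts, _symtab, _nsyms, opt_size, characteristics = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if opt_size < 2 or opt + opt_size > len(data):
        raise ValueError("optional header truncated")
    magic = struct.unpack_from("<H", data, opt)[0]
    # NumberOfRvaAndSizes sits at +92 in PE32 and +108 in PE32+; the directories follow it.
    if magic == PE32_MAGIC:
        ndirs_off = opt + 92
    elif magic == PE32PLUS_MAGIC:
        ndirs_off = opt + 108
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    if ndirs_off + 4 > len(data):
        raise ValueError("data directory count out of range")
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]

    cert_off, cert_size, signed, cert_type = 0, 0, False, None
    entry = ndirs_off + 4 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY and entry + 8 <= len(data):
        cert_off, cert_size = struct.unpack_from("<II", data, entry)
        # Only count it as signed if the WIN_CERTIFICATE table really lies inside the buffer.
        if cert_size >= 8 and cert_off + cert_size <= len(data):
            length, revision, ctype = struct.unpack_from("<IHH", data, cert_off)
            if 8 <= length <= cert_size and revision == WIN_CERT_REVISION_2_0:
                signed, cert_type = True, ctype

    return {
        "arch": MACHINE_NAMES.get(machine, f"{machine:#06x}"),
        "type": "dll" if characteristics & IMAGE_FILE_DLL else "exe",
        "signed": signed,
        "cert_type": cert_type,
        "security_entry": (cert_off, cert_size),
    }


def build_minimal_pe32(machine: int = IMAGE_FILE_MACHINE_I386, signed: bool = False) -> bytes:
    """Constructed sample: a bare PE32 header (no sections), optionally followed by a
    fake WIN_CERTIFICATE table, so inspect_pe() can be exercised offline."""
    ndirs = 16
    opt_size = 96 + 8 * ndirs
    header_len = 0x40 + 4 + 20 + opt_size           # where the certificate table will start
    cert_body = b"\x30\x00"                          # stand-in for PKCS#7 SignedData (constructed)
    cert = struct.pack("<IHH", 8 + len(cert_body), WIN_CERT_REVISION_2_0,
                       WIN_CERT_TYPE_PKCS_SIGNED_DATA) + cert_body
    dos = bytearray(0x40)
    struct.pack_into("<H", dos, 0, IMAGE_DOS_SIGNATURE)
    struct.pack_into("<I", dos, 0x3C, 0x40)          # e_lfanew
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, opt_size, 0x0102)  # EXECUTABLE_IMAGE | 32BIT_MACHINE
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, ndirs)
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, header_len, len(cert))
    image = bytes(dos) + struct.pack("<I", IMAGE_NT_SIGNATURE) + coff + bytes(opt)
    return image + cert if signed else image


if __name__ == "__main__":
    full = build_minimal_pe32(signed=True)
    for label, blob in (("unsigned", build_minimal_pe32()),
                        ("signed on disk", full),
                        ("signed, headers only (as in a memory dump)", full[:312])):
        print(f"{label}: {inspect_pe(blob)}")
```

On the third sample the directory entry is still populated but the bytes it points to are gone, which is exactly the state a carved region such as the target above is in; a scanner that keys only on "Security directory is zero" would call it signed, and one that keys only on "table absent" would call it unsigned, so report both facts and let the analyst decide.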
