General

  • Target

    1616-97-0x0000000001E70000-0x0000000001EA0000-memory.dmp

  • Size

    192KB

  • MD5

    2d4e5acb2ab05fda20b53d6c52be67a4

  • SHA1

    2279749f1f6c4c350801a10a135b1b85a441c323

  • SHA256

    eed942f04e7c0f937914ce4e0b2dffd109bd76e791561543a1d052dab686b030

  • SHA512

    db4d3564002645da8733fd053d124ad4180676e43508fe9c1b62095e3618b855b8c6b238dec4065c9d2340c0288e2a2aadacbdfb2a61d0b67828749df4ff4185

  • SSDEEP

    3072:2tE62xyQ6d+VeXdxNLgVK880EHz8e8hK:aEmOA9S80EHz

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

andre

C2

77.91.124.49:19073

Attributes
  • auth_value

    8e5522dc6bdb7e288797bc46c2687b12

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1616-97-0x0000000001E70000-0x0000000001EA0000-memory.dmp
    .exe windows x86

