General

  • Target

    864-122-0x0000000000370000-0x00000000003A0000-memory.dmp

  • Size

    192KB

  • MD5

    d25e113c4aece84d8610dbf84677d125

  • SHA1

    bfb826674dc68c26d9b91bd18d9a44ae8ea3e75a

  • SHA256

    fb744a0cad8e07c94018d88d5acf36684959d430a8b9b4fcee3e1f76b9e1901c

  • SHA512

    28141cb801b4fed7a47c13e42c7563d03d65c24a37351db5c90535a30cdf590b2f0fbd207d56c4e8483674c1b6aa7b8890a09e4e3610e674916793b6dd9a1104

  • SSDEEP

    3072:MAF5KBstbkeNKZIhDDxNcaoMczCO68e8hL:JXb33hDYjyO6

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

jako

C2

77.91.124.49:19073

Attributes
  • auth_value

    3db90f2679ab2890874898c7c6d65799

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 864-122-0x0000000000370000-0x00000000003A0000-memory.dmp
    .exe windows x86

