General

  • Target

    2120-268-0x0000000000670000-0x00000000006A0000-memory.dmp

  • Size

    192KB

  • MD5

    7ac32da6a1dc156b8a6aafeb3ea058c1

  • SHA1

    b384bd32f10cfbdd1038666da4d4656e7a9f4894

  • SHA256

    011ff3df6d1f86b9d5af79858f493006b4a1609e89d5d81d27308bd816135785

  • SHA512

    8d0e6f0f3be24750db342dbd353d718009a0abf3754740699ebe22a9e35e82b4466c613add3f7ccdd2a72b72edc471131dbefb792e5f0a1e8ff2b1670ea709ef

  • SSDEEP

    3072:8AWi/g1IzuRb5xNAKY73zOyuj++0V8e8hk:8zi/+VCHuyuj++0V

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

nowa

C2

77.91.124.49:19073

Attributes
  • auth_value

    6bc6b0617aa32bcd971aef4a2cf49647

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2120-268-0x0000000000670000-0x00000000006A0000-memory.dmp
    .exe windows x86

