General

  • Target

    1100560x00000000036C00000.dmp

  • Size

    208KB

  • MD5

    6774148fa08e40dcc2b673ce3eee32a8

  • SHA1

    618656f4268b71ba867454a335afdafcb89edf55

  • SHA256

    9ff825a99e87fb22aeeeab3751ed6065de8e74127ef1377b8af5411e4f7b5710

  • SHA512

    1075116cd4d94594a8253905570fac3a3d5b1827c967a4f6b8be3e32fa4d6d2baaa84c9854534f6690097793ce4b3b51d821d765566a233c81f41065728dc501

  • SSDEEP

    3072:d8S4s69gQu2l1/+lEH52BIPUVQ+RwM+IB+SaDtsA4+rSzPDJ8e8h0:KS4s6Pl1/jUhtcSMtsASR

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (Telegram: @logsdillabot)

C2

146.59.161.7:48080

Attributes
  • auth_value

    c2955ed3813a798683a185a82e949f88

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
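    The "Unsigned PE" signature is a structural check, not a trust decision: a PE carries an Authenticode signature only if the security data directory (slot 4 of the optional header's data directories) points at a WIN_CERTIFICATE blob. The block below is an added example written for this page, not the sandbox's own detection code, and it parses the headers directly instead of relying on a PE library. `build_minimal_pe` is a constructed helper that emits a header-only image so the check can be exercised offline; it is not derived from the dump above. A non-zero entry only means a signature blob is referenced; whether it verifies (hash match, chain to a trusted root, timestamp) is a separate step, and for a memory dump like this one the referenced file offset may no longer exist in the dumped image.

```python
import struct
import sys

# Data-directory slot that references the Authenticode WIN_CERTIFICATE blob.
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def authenticode_directory(pe_bytes: bytes):
    """Return (file_offset, size) of the security directory, (0, 0) if the
    header declares no such slot, or None if the input is not a PE image.
    Unlike other directories, this entry holds a raw file offset, not an RVA."""
    try:
        if len(pe_bytes) < 0x40 or pe_bytes[:2] != b"MZ":
            return None
        e_lfanew = struct.unpack_from("<I", pe_bytes, 0x3C)[0]
        if pe_bytes[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            return None
        opt = e_lfanew + 4 + 20                    # skip signature + COFF header
        magic = struct.unpack_from("<H", pe_bytes, opt)[0]
        if magic == 0x10B:                         # PE32
            num_dirs_off, dirs_off = opt + 92, opt + 96
        elif magic == 0x20B:                       # PE32+
            num_dirs_off, dirs_off = opt + 108, opt + 112
        else:
            return None
        num_dirs = struct.unpack_from("<I", pe_bytes, num_dirs_off)[0]
        if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
            return (0, 0)
        entry = dirs_off + IMAGE_DIRECTORY_ENTRY_SECURITY * 8
        return struct.unpack_from("<II", pe_bytes, entry)
    except struct.error:                           # truncated header
        return None


def is_unsigned_pe(pe_bytes: bytes) -> bool:
    """True when the input is a PE whose security directory is empty.
    Non-PE input yields False so the caller can distinguish 'not applicable'."""
    d = authenticode_directory(pe_bytes)
    return d is not None and (d[0] == 0 or d[1] == 0)


def build_minimal_pe(security_off: int = 0, security_size: int = 0,
                     pe32plus: bool = False) -> bytes:
    """Constructed test input: a header-only PE32/PE32+ image with no sections.
    It exists only to exercise the parser; it is not a runnable executable."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    if pe32plus:
        magic, num_dirs_off, dirs_off, opt_size, machine = 0x20B, 108, 112, 240, 0x8664
    else:
        magic, num_dirs_off, dirs_off, opt_size, machine = 0x10B, 92, 96, 224, 0x14C
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics (EXECUTABLE|32BIT).
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<I", opt, num_dirs_off, 16)   # all 16 directory slots present
    struct.pack_into("<II", opt, dirs_off + IMAGE_DIRECTORY_ENTRY_SECURITY * 8,
                     security_off, security_size)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    # Usage: python unsigned_pe.py <file.exe|file.dmp>
    data = open(sys.argv[1], "rb").read()
    d = authenticode_directory(data)
    if d is None:
        print("not a PE image")
    elif is_unsigned_pe(data):
        print("unsigned: security directory is empty")
    else:
        print("signature blob referenced at offset 0x%x, size 0x%x" % d)
```

Run it against the extracted `.exe` from a dump rather than the raw `.dmp` when possible; a dump that was trimmed or relocated can still carry the original directory entry while the blob it points at is gone, so a non-zero entry on a dump should be followed by an actual verification of the extracted file (e.g. with osslsigncode or signtool) before anything is concluded about its provenance.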

Files

  • 1100560x00000000036C00000.dmp
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744
