General

  • Target

    2300-55-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    e760f4b672c7398c309a6ea3d37ff631

  • SHA1

    4a73aee54003cfc02e201b414ed010cecc62667c

  • SHA256

    2e17a226a51025df142416bdc4a458f3fbd6ef6b45f0b99abe30c17556f327dc

  • SHA512

    3bea2c4766aadf2f62a0900854f98f86570c476492695dbdf0d6c79f940ae6a74bf973d10f320b51743bef77b6c25bcb14f641dc2ddb3dd65d58acd0d6fe15fe

  • SSDEEP

    1536:RakcnVHT1n/o3rpIw+f+WnASnibn8tkxtYhWj9tbV7v/r7Ve2sYgibfbFDKsRF:ckcZZ662WnPna+s9Zz7qYgafJlF

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@skittleswork

C2

185.106.93.193:48563

Attributes
  • auth_value

    ef4dc5aacac0edaf437d9ac7eeb79d61

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2300-55-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86

