General
-
Target
3028-1407-0x0000000000400000-0x0000000000426000-memory.dmp
-
Size
152KB
-
MD5
141d7ce9ccb4ca0644abf96cca284bac
-
SHA1
fac742e53f47cd2e8638e081ae81aefbca9649e9
-
SHA256
dc22e7cee6963ffb75cdc0719c17fa65b152ea418215f4ee51ecdcb1ffb4dc1f
-
SHA512
673869e342b5ebe92bfa6fe90b46df21f3dc03d6d842afb54d6a5b03355b29e8999012e0c7b56dbeee85902bfe91dc18f36bfcefba96547dc20736eda03fb4d4
-
SSDEEP
1536:9akcnVHT1n/o3rpIw+f+WnAEf8Cl7tthbjTrbV7ZkOJUesYgibfbFDKsRR:wkcZZ662WnZrlJLX3JgYgafJlR
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
wxosLzugnBz0JG1
C2
91.103.252.35:44838
Attributes
-
auth_value
ed8bb6c5a42865bb85e81c2c0c5f738d
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3028-1407-0x0000000000400000-0x0000000000426000-memory.dmp
Headers
Sections