General
-
Target
520-138-0x0000000000400000-0x0000000000426000-memory.dmp
-
Size
152KB
-
MD5
ad56bc122f123e88371080c4d4c2c783
-
SHA1
3bdd97a0c2dd1777df65cd882e64046e55b98ee5
-
SHA256
bd7589aa4f368fe0fdd2cb5196976859daafe748e95011bede23e49113685eb4
-
SHA512
6dc5bba3102778df3bd7989e9499853f2b60e741a3b34d3356c613c59f59c48429b0a3093d7abb3ea2a983e076c4e36726a5ec24264f2ef591ca08069db44a92
-
SSDEEP
1536:caLcnVHT1C/oHxsJQ4+fe0koZFu/OYmtihZjaAbV79/dweNKsYgibfbFDKsRp:5LcZZVoq20kuurmk0QLVwGYgafJlp
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@anatoshascam - 05
C2
5.42.64.70:45663
Attributes
-
auth_value
2b15d48e920aee4d52db40eed695b7c3
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
520-138-0x0000000000400000-0x0000000000426000-memory.dmp
Headers
Sections