General
-
Target
2156-138-0x0000000000400000-0x0000000000426000-memory.dmp
-
Size
152KB
-
MD5
9e11a4fd0fb8ae45ddaf5899c641e0f2
-
SHA1
2d1760d1e058091f86576f1c3bdaa412709b16dd
-
SHA256
02291d4107b8a9caaa080d6d989a62baa1e00ce20d9cfdac02a8f6658d39ce5c
-
SHA512
ca54df8dcf6a1e72f76bf76e376171b85ad5c9086146195209fc25f68938629d45c419c53542bca8786ee4e0d49ac6daf02d410167758405785d860463e03923
-
SSDEEP
1536:waLcnVHT1C/oHxsJQ4+fe0koZFu/OYmtihZjaAbV79/dweNKsYgibfbFDKsRp:lLcZZVoq20kuurmk0QLVwGYgafJlp
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@anatoshascam - 05
C2
5.42.64.70:45663
Attributes
-
auth_value
2b15d48e920aee4d52db40eed695b7c3
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2156-138-0x0000000000400000-0x0000000000426000-memory.dmp
Headers
Sections