General
-
Target
2780-376-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
b9f561b75d874d14e4b584b4f2eec364
-
SHA1
cf8bf336e79f1e94485ea438a258ce88787a7c5c
-
SHA256
c1ae8e92a69a0a41b4812980947f33cb1ae9284d916526fafdf70f5fde8b52c5
-
SHA512
90d45b35170e3983857ae9b4134a8bbf2775bcd5462c1a1ff16e2e73c3f5b61f8726efb5e16439345b410384bba5b89cc51b6130c95af48c033d09872dcb3c67
-
SSDEEP
3072:Wl3Dbg6cXoCL4TlQqxNQsD03mgz8e8hc:WldcXpd+gz
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
070723_rc_11
C2
amrc.tuktuk.ug:11290
Attributes
-
auth_value
5c003bb2a44f6538df34879227a9ad34
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2780-376-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections