General

  • Target

    2840-116-0x00000000003D0000-0x0000000000400000-memory.dmp

  • Size

    192KB

  • MD5

    e45f10cdbdca2cc5028ee179178b4c45

  • SHA1

    bb1e3775288e329e7ea18bc1d6baec6800e7b913

  • SHA256

    0f474527cf2baca49b084f8503931b316f5a6fb7c16256e57b5e36cac61e246b

  • SHA512

    0d24a787c1f1f3f8c3b62f2de5e18849923b764f783bd039048e35184fa948369d80d00f273ade3aec5da2925073736b9388dc4766ad214837de8f75c7e6b958

  • SSDEEP

    1536:GlBA36sv0W7T1sjvrHzbNSISuiiB0J57TNyQGxNXLYQLrbuLh8yrEHVF+0GkR68U:GrqCnNsZWSZ5GxN8yi8yIHVF+Z8e8hO

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

masha

C2

77.91.68.48:19071

Attributes
  • auth_value

    55b9b39a0dae383196a4b8d79e5bb805

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2840-116-0x00000000003D0000-0x0000000000400000-memory.dmp
    .exe windows x86

