General
-
Target
2968-116-0x0000000000250000-0x0000000000280000-memory.dmp
-
Size
192KB
-
MD5
38107f1d626121e6d8b2449e71530e91
-
SHA1
fb91e3540ba413e1f02f62a2ec7de89efdc18d55
-
SHA256
b796e70001042d82c993e55775a7eed60e3dae5b7c716aa0e2fdf0b8f3d2284a
-
SHA512
a6f393d71ca8d71127382bec1158d8d9ffdfaabbfdf963f5b2ef3eeaf9acd67f107d6f011b69f17032bedc2a8a86465deea015a7ed0808c2d18e2c5ddd73845d
-
SSDEEP
1536:/lBA36sv0W7T1sjvrHzbNSISuiiB0J57TNyQGxNXLYQLrbuLh8yrEHVF+0GkRS8U:/rqCnNsZWSZ5GxN8yi8yIHVF+B8e8hO
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
masha
C2
77.91.68.48:19071
Attributes
-
auth_value
55b9b39a0dae383196a4b8d79e5bb805
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2968-116-0x0000000000250000-0x0000000000280000-memory.dmp
Headers
Sections