General
-
Target
2144-62-0x0000000003810000-0x0000000003850000-memory.dmp
-
Size
256KB
-
MD5
a774ebc9af05a8251de522d3e4989190
-
SHA1
b0361b3d3e20b1b43f9325aab4d9e8ab010d7574
-
SHA256
b76b952f4bbfa58e00eb5aa73fb15d6f498b1b4725b33b14131d759b0213d6e6
-
SHA512
52b666c86699dbb80f4c91c9edac7f28ac70b8ccc9ecb5e6ab39a3a56d666b867420551ffbcf374577892f89ff610ca83a99d02971e8494bafc81c6409edabcf
-
SSDEEP
3072:Qn8CqjwLYhlYYgafJlngQiQjQkQjQgQGQrvQ5Q4QkQTQgQKQuQEQdQpQEQ5QRQP5:y4j1VjpQ/eBU
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@Germany
C2
194.26.135.162:2920
Attributes
-
auth_value
9d15d78194367a949e54a07d6ce02c62
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2144-62-0x0000000003810000-0x0000000003850000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections