General

  • Target

    2888-114-0x0000000000480000-0x000000000050C000-memory.dmp

  • Size

    560KB

  • MD5

    180594311bfd1de637962937cceae7fd

  • SHA1

    df17de5a8aa2a12fbb59972efe89e6be266b2649

  • SHA256

    85da80c0dd52ccb36c907f76eaac1d5bb654fc789dae7b79ea5ea5cba62e87a8

  • SHA512

    3511a09fbfe086681e43d446cd5974d98046a11c7c15a3f3136a03cea651e3b4c1ef1efb29e8960bf5b4640dcf775478f6445ed44e662c4235427f95e591ab07

  • SSDEEP

    6144:3sILRq8Ss/ZDEJ3Xv5p2wf63junAVoddr0ZSrEDNmkfqubl4+RhoMSlQjxeKgmc:35Fev5p34KAkr0TUjOl4KSlQjxeKgmc

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

lamp

C2

77.91.68.56:19071

Attributes
  • auth_value

    ee1df63bcdbe3de70f52810d94eaff7d

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2888-114-0x0000000000480000-0x000000000050C000-memory.dmp
    .exe windows x86

