General

  • Target

    2640-1-0x0000000000260000-0x0000000000290000-memory.dmp

  • Size

    192KB

  • MD5

    906950cc46e47d85d478d161cffd5b6c

  • SHA1

    d64734f5eb18defc30eaedeb16ffb3328ba01aec

  • SHA256

    f6e4841cb94f7b16302fa9ca162e18df07e5e5e44e102b66542115ae00a5c913

  • SHA512

    ea444244f7c07cbc5e05b0a64cce466b4d880fd90376dea0ecee9463ac4b9177d606ce16a8c078cc4fd406ffb6b60cc922d1ec9b1de345b4353b70d8fbbab5ae

  • SSDEEP

    3072:QU8efIRpBLITnx6xNKmVqoYXyICg+bl8e8h8:QUcl27rXXyICg+bl

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@prsvt6666

C2

94.142.138.4:80

Attributes
  • auth_value

    87d1997a564fa7581db209cc71c07a4e

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2640-1-0x0000000000260000-0x0000000000290000-memory.dmp
    .exe windows x86

