General

  • Target

    2220-0-0x0000000000250000-0x0000000000280000-memory.dmp

  • Size

    192KB

  • MD5

    073a251c4ced16fa5c9c9c3d0b2761b8

  • SHA1

    fa05aa22830885c23f5a1e9f45592fd33213fe99

  • SHA256

    86f49aeb7333b291ef21616010193dcc2ff4a87a822ef79f500f5c3f401132d7

  • SHA512

    5b6a0fb84861dea0e5cf1f99bcaa756d936f7e1a03e06363920bc08532accefb8a4cc52f7a63191e48bcd087ec373ee0ab5f1f0598c4f92396a7fc855f19d44f

  • SSDEEP

    3072:0U8efIRpBLITnx6xNKmVqoYXyICg+bk8e8h8:0Ucl27rXXyICg+bk

Score
10/10

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @prsvt6666

  • C2

    94.142.138.4:80

Attributes
  • auth_value

    87d1997a564fa7581db209cc71c07a4e

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2220-0-0x0000000000250000-0x0000000000280000-memory.dmp
    .exe windows x86

