General

  • Target

    1020-1-0x0000000000580000-0x00000000005B0000-memory.dmp

  • Size

    192KB

  • MD5

    1cfd2fe6cf633ca085b4f991a682f93d

  • SHA1

    2959a835d3c760c62c39300475f84c5a161deba0

  • SHA256

    d5a6c118916b9bf6e8c92fe4ca5b205838190edb90b6549206ee3ceba331f300

  • SHA512

    3deb604bc20ead2cd888f141d9f3297aff85258f76933c5ea32eb6e60cc35e84cdd84a2057f70f0f350bfcc166c50df771a2741cb5233fc50fadfd6b76716a42

  • SSDEEP

    3072:zhuxEBJaVoI0ONwSvO2uyd7wDX2ZLE0eL2T+0Jg8e8hV:oxDoI0ONwSlwDX2ZLE0V+0W

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@oleh_ps

C2

176.123.4.46:33783

Attributes
  • auth_value

    94ecdfa2eb126d66ce500353b2fa9112

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1020-1-0x0000000000580000-0x00000000005B0000-memory.dmp
    .exe windows:4 windows x86