General
-
Target
1696-198-0x00000000000E0000-0x0000000000110000-memory.dmp
-
Size
192KB
-
MD5
550f92008c4e49ea22344f8a6791301f
-
SHA1
a130363ae2a990371b184899792dbe22c6f53262
-
SHA256
ee36de49e2651594da6421879a8c79996da3d9160fd8ff1516debc74d1f61149
-
SHA512
32d8b4ffdcd6c33592bfb838c9359053167cc12adfaa71b462999c6416901525c4163df0b92731e811eb997a023a5d3694a7824ca077f3301ff7c7cd706e5afb
-
SSDEEP
3072:qORGSnRfr3I0SbF/tOOc5XjVEHyYoqE0sAiJrFueJm8e8he:mSp3I0SbF/OVESYoqE0XmFueY
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
YT LOGS CLOUD
C2
176.123.4.46:33783
Attributes
-
auth_value
f423cd8452a39820862c1ea501db4ccf
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1696-198-0x00000000000E0000-0x0000000000110000-memory.dmp
Headers
Sections