General
-
Target
2064-464-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
701ac01b920ad783cba60e0404a2cf62
-
SHA1
e069856b4e3c32aafefc86ee003bec00dbf9df02
-
SHA256
a1b058dfb1e9379d9d8a407747c45f9146317f0a02d3bd7a8ee1060f39b8d47f
-
SHA512
9bed0a8c098dbd3adfc3377575bdf8dc4cc821b2564016c07786934b78d5a638d90a655b8231d9592cbbd111adb89b97347b375c770a25cf5167d53f232fe76c
-
SSDEEP
3072:I1rfs5//I0bmCKugObCKR4eSwbD1J19cgrE0ML2Oam82Jx8e8hU:urk/I0bmzulrE0U2E82H
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@ytlogsbot
C2
176.123.4.46:33783
Attributes
-
auth_value
295b226f1b63bcd55148625381b27b19
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2064-464-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections