General
-
Target
2796-4-0x0000000000400000-0x0000000000435000-memory.dmp
-
Size
212KB
-
MD5
cad67c140efb9ceaa88990568f743c72
-
SHA1
4bc8f4cfa614b3e9305ca927c6cd1ebdeefaf4ed
-
SHA256
6f463c938d9ad8d2364f3ac505a3a7564c2d3dadbaebf8fa8c25f81ef7821bb0
-
SHA512
c5c536de3d42d7297d513d8d50f605617ca620adb61732a0a5519c7dcc668c204fd44e5b88366c11197c2985feffa6396291dffff2d0e553eaf911813d7f17ee
-
SSDEEP
3072:LlYfG0+CI0VhwCXONWVR8ZRW/E0aPxWtBRPjpJZ8e8hPSSG93EjFHU:ZY+CI0VhwCwU/E0oCRPjpvYm
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
edward
C2
47.87.159.126:39834
Attributes
-
auth_value
446f634e82d0b4e53079f0a26b8c33a8
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2796-4-0x0000000000400000-0x0000000000435000-memory.dmp
Headers
Sections