General
-
Target
2640-1024-0x00000000000D0000-0x0000000000100000-memory.dmp
-
Size
192KB
-
MD5
f7538f926aae1461606c48376ded5f21
-
SHA1
5870736c0a0aa9ce489d0dcf458d8380d62826ac
-
SHA256
f6c64cbacf5ef1c9b6f836ba4c07abb0ae4afda8b06bc6f306aa436a0505d157
-
SHA512
2f12cbdb74f00de2874f74b4dc56734d006d98a14e061aff34db9bd444bc6ed4d220a5c9c40bb02a434f1ceee74e08dcea3fcc0c6483ac2c9ec0bcd709f461c8
-
SSDEEP
3072:V1rfs5//I0bmCKugObCKR4eSwbD1J19cgrE0ML2Oam82JC8e8hU:Trk/I0bmzulrE0U2E82o
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@ytlogsbot
C2
176.123.4.46:33783
Attributes
-
auth_value
295b226f1b63bcd55148625381b27b19
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2640-1024-0x00000000000D0000-0x0000000000100000-memory.dmp
Headers
Sections