General
-
Target
1684-793-0x0000000001210000-0x000000000124E000-memory.dmp
-
Size
248KB
-
MD5
c01ec3eb35f04449497a6bb4c93d7c54
-
SHA1
b96f3873fdb741fd4831a1b232dc05718cc74a42
-
SHA256
c5bdd47795ee99c563e3baf29157917bfba65df8c567aba045cc8e62addd60b2
-
SHA512
8cbf5f36bb774da284c32ce52689f5e37edf7c412dea9eb47418d8c43bd6265a3f3cc385396a452b331b18f2bbcceac9a2fcb01dea73420e0db6f661e9e2c0e2
-
SSDEEP
3072:D2PLqOze7nDNgcYde+t9P/Kt/qbe9aKC9GYYOtLD5:D0Lm7DNgc8vtO/D9aKC9V5tL
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
clientfile
C2
194.180.49.159:80
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1684-793-0x0000000001210000-0x000000000124E000-memory.dmp
Headers
Sections