General
-
Target
5292-559-0x0000000000170000-0x00000000001A0000-memory.dmp
-
Size
192KB
-
MD5
7c752cfc27d44e7e1cbb8f1aabf0ee38
-
SHA1
708a598cc9e635498db5d4c0447f606d215adf17
-
SHA256
f84c9e21c722c886f858d0e9702ad127031d4e3995fab4380d848fa42d71735f
-
SHA512
8bce0cca52939b3a1a4f263137f1692ba46eff6a6c8c2ce075b1150410d19974427aa2f9af30a3d3350f7496309341688e65f97a4486460573138c8bf1cc2721
-
SSDEEP
3072:f1rfs5//I0bmCKugObCKR4eSwbD1J19cgrE0ML2Oam82JM8e8hU:9rk/I0bmzulrE0U2E82O
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@ytlogsbot
C2
176.123.4.46:33783
Attributes
-
auth_value
295b226f1b63bcd55148625381b27b19
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
5292-559-0x0000000000170000-0x00000000001A0000-memory.dmp
Headers
Sections