General
-
Target
5956-630-0x0000000000850000-0x0000000000880000-memory.dmp
-
Size
192KB
-
MD5
653ead75844e1f0ad5d18de729578922
-
SHA1
1c0ed536defd9e69733f03b804e4ebd808e1b1c0
-
SHA256
ed090b028926960bf3336aeecd24f3fdb13e0e1c4b81c5ae560b1935fde38fd9
-
SHA512
22718a91ec60aac4b2554f5cb43154b777de9c32568b648d4e8a9d1cc4bfccb4bb6bfd93f07e22fb47d69b343be425774b7e270f562d5d1db0eb283de08f3e29
-
SSDEEP
3072:d1rfs5//I0bmCKugObCKR4eSwbD1J19cgrE0ML2Oam82J68e8hU:Lrk/I0bmzulrE0U2E82A
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@ytlogsbot
C2
176.123.4.46:33783
Attributes
-
auth_value
295b226f1b63bcd55148625381b27b19
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
5956-630-0x0000000000850000-0x0000000000880000-memory.dmp
Headers
Sections