General
-
Target
5976-483-0x0000000000770000-0x00000000007A0000-memory.dmp
-
Size
192KB
-
MD5
5635a6139342887581d3c9a4fa82b2ea
-
SHA1
b3d27dd67b322ee4c3770fef1c2413c6473c61a3
-
SHA256
60a4f47bf7198cf8f1caebfbe92826a770d17f9909b5d15b4d90002f6507f64c
-
SHA512
ed00c83064487775512857b64c9d406b163c1b658014228be79e00deb010e1587ee91dbd0fe28f89ac351061eaa1c40af39469e7d069db18d21aa3e56a6f9958
-
SSDEEP
3072:/1rfs5//I0bmCKugObCKR4eSwbD1J19cgrE0ML2Oam82Js8e8hU:drk/I0bmzulrE0U2E82u
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@ytlogsbot
C2
176.123.4.46:33783
Attributes
-
auth_value
295b226f1b63bcd55148625381b27b19
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
5976-483-0x0000000000770000-0x00000000007A0000-memory.dmp
Headers
Sections