General

  • Target: 2768-125-0x0000000000350000-0x000000000038E000-memory.dmp
  • Size: 248KB
  • MD5: 9772c61698895ca5443f145fbeac12e9
  • SHA1: 4c3c4e886483ac843cc9e6f038c8139e5b46af8e
  • SHA256: 6b7cc5ca45ca52e7f5c1f4ce3aea23fb14c302c8e5a2678ed93ce9e1e59122bb
  • SHA512: 95cbe5b9d560785307747db2a512d90727fae1e2ba913b88e49ba8d374a507b2275e5ba83eb14fbf321de930d553abdf5a683debb6f5ac9063d14698344cb714
  • SSDEEP: 3072:QJctOPGO2n1NgcU6YW8qu7SHBFt/qLdVPMxX/jEIgcRb:mDPGv1NgcUVWCuHF/CXPMxXLEfc

Score
10/10

Malware Config

Extracted

  • Family: redline
  • Botnet: @ytlogsbot
  • C2: 176.123.4.46:33783

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2768-125-0x0000000000350000-0x000000000038E000-memory.dmp
    .exe windows:4 windows x86
