General

  • Target

    5656-477-0x0000000000A40000-0x0000000000A7E000-memory.dmp

  • Size

    248KB

  • MD5

    816f23fea698ae14059fa07f0873ca93

  • SHA1

    999f607259080604d5c5f152ceb42ccfb238af64

  • SHA256

    cbddfcda1d308024b37beea7ba3e2b7df4325e77bfbfa03ba34b882d3bf3f3cd

  • SHA512

    a7327913a322586f3736471cffbac6f420f4e42ba5398fe980b59bbb2b366c3f963e017f26225d50a923b1fd4586dd0120d42db87e64ea00e0c37f2f0fbfefe1

  • SSDEEP

    3072:pJctOPGO2n1NgcU6YW8qu7SHBFt/qLdVPMxX/jEIgcRg:nDPGv1NgcUVWCuHF/CXPMxXLEfc

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

176.123.4.46:33783

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5656-477-0x0000000000A40000-0x0000000000A7E000-memory.dmp
    .exe windows:4 windows x86

