General

  • Target

    5704-267-0x0000000000F80000-0x0000000000FB0000-memory.dmp

  • Size

    192KB

  • MD5

    7cf4681d19f01ed96aad5fa532355967

  • SHA1

    50fa69132886e068c5bf5048c55fe8839d4af49a

  • SHA256

    52dfc71c23abd4a801c715b41c6ba4fdff3c1b30d5bf7fb3daff26a2d727ef98

  • SHA512

    beb92af12d1e56a22712d2cd4114c43ae9ff3513054cc08d79bd17d24941c91697a6144626046e7399462ab5001d4c2f22f12a0bbeb3afac85f3019725e0d04b

  • SSDEEP

    3072:IORGSnRfr3I0SbF/tOOc5XjVEHyYoqE0sAiJrFueJE8e8he:YSp3I0SbF/OVESYoqE0XmFuei

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

YT LOGS CLOUD

C2

176.123.4.46:33783

Attributes
  • auth_value

    f423cd8452a39820862c1ea501db4ccf
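The config block above gives two kinds of indicator worth turning into a hunt: a C2 socket (IP and port) and file hashes. The following is an added example, not part of the report, that matches both against constructed log lines; the log format, hostnames and the non-C2 addresses are invented for the illustration. It matches the C2 as an (address, port) pair so that unrelated traffic to the same address on another port is not flagged, and it normalises hash case before comparing.

```python
import re

# IOCs taken from the report above.
C2_INDICATORS = {("176.123.4.46", 33783)}
HASH_INDICATORS = {
    "sha256": {"52dfc71c23abd4a801c715b41c6ba4fdff3c1b30d5bf7fb3daff26a2d727ef98"},
    "md5": {"7cf4681d19f01ed96aad5fa532355967"},
}

# Constructed sample lines (not real traffic): netflow-style "conn" records and
# EDR-style "file" events carrying a hash. Line 3 goes to the C2 host on a
# different port and must not match; line 4 carries the hash in upper case.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z conn 10.0.0.5:49812 -> 176.123.4.46:33783 tcp bytes=1432
2024-05-01T10:00:02Z conn 10.0.0.5:49813 -> 93.184.216.34:443 tcp bytes=5200
2024-05-01T10:00:03Z conn 10.0.0.7:51000 -> 176.123.4.46:443 tcp bytes=300
2024-05-01T10:00:04Z file host=WS07 path=C:\\Users\\bob\\AppData\\Local\\Temp\\a.exe sha256=52DFC71C23ABD4A801C715B41C6BA4FDFF3C1B30D5BF7FB3DAFF26A2D727EF98
2024-05-01T10:00:05Z file host=WS08 path=C:\\Windows\\notepad.exe sha256=0000000000000000000000000000000000000000000000000000000000000000
"""

CONN_RE = re.compile(
    r"^(?P<ts>\S+) conn (?P<src>[\d.]+):(?P<sport>\d+) -> "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) (?P<proto>\w+)"
)
FILE_RE = re.compile(
    r"^(?P<ts>\S+) file host=(?P<host>\S+) path=(?P<path>.+?) "
    r"(?P<algo>md5|sha1|sha256)=(?P<hash>[0-9a-fA-F]+)$"
)


def match_iocs(lines):
    """Return a list of hit dicts for lines that match a C2 socket or a file hash."""
    hits = []
    for line in lines:
        m = CONN_RE.match(line)
        if m:
            # Match the full (address, port) pair, not the address alone.
            if (m["dst"], int(m["dport"])) in C2_INDICATORS:
                hits.append({"type": "c2", "ts": m["ts"], "src": m["src"],
                             "dst": f"{m['dst']}:{m['dport']}"})
            continue
        m = FILE_RE.match(line)
        if m and m["hash"].lower() in HASH_INDICATORS.get(m["algo"], set()):
            hits.append({"type": "hash", "ts": m["ts"], "host": m["host"],
                         "path": m["path"], m["algo"]: m["hash"].lower()})
    return hits


def scan_sample():
    return match_iocs(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for hit in scan_sample():
        print(hit)
```

One caveat when reusing the hashes: they are computed over the dumped memory region named in the Target field, not over the executable as dropped on disk, so an on-disk hash match is unlikely and the C2 pair is the more useful indicator of the two.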

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
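The "Unsigned PE" signature is a header check: the Authenticode certificate table is data directory entry 4 (IMAGE_DIRECTORY_ENTRY_SECURITY) in the PE optional header, and a zero size there means no embedded signature. The example below is added here and is not the sandbox's own implementation; it parses that entry without external libraries and builds a minimal constructed PE32 header to exercise both cases. On a memory dump like the target of this report the check still works, because the optional header is mapped, but the certificate bytes themselves live in the file overlay and are never loaded, so a dump cannot be used to verify a signature, only to see whether the header claims one.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B


def authenticode_directory(data: bytes):
    """Return (file_offset, size) of the certificate table, or None if not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    opt_off = e_lfanew + 4 + 20            # skip signature and COFF header
    magic = struct.unpack_from("<H", data, opt_off)[0]
    if magic == PE32_MAGIC:
        dirs_off = opt_off + 96            # DataDirectory offset in PE32
    elif magic == PE32PLUS_MAGIC:
        dirs_off = opt_off + 112           # DataDirectory offset in PE32+
    else:
        return None
    num_dirs = struct.unpack_from("<I", data, dirs_off - 4)[0]  # NumberOfRvaAndSizes
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return (0, 0)                      # header too short to hold a certificate entry
    entry = dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if entry + 8 > len(data):
        return None
    return struct.unpack_from("<II", data, entry)  # (VirtualAddress is a raw file offset here, Size)


def is_unsigned(data: bytes) -> bool:
    """True when the PE header declares no certificate table (what 'Unsigned PE' checks)."""
    entry = authenticode_directory(data)
    if entry is None:
        raise ValueError("not a parseable PE image")
    return entry[1] == 0


def build_minimal_pe32(cert_size: int) -> bytes:
    """Constructed test input: DOS stub, PE signature, COFF header and a PE32 optional header."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                 # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)  # i386, 224-byte optional header
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)                   # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     0x400 if cert_size else 0, cert_size)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    print("unsigned:", is_unsigned(build_minimal_pe32(0)))
    print("signed  :", is_unsigned(build_minimal_pe32(0x1000)))
```

To run it against the actual dump, read the file and call `is_unsigned` on its bytes; a nonzero size only says a certificate table is declared, and validating the chain requires the complete on-disk file.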

Files

  • 5704-267-0x0000000000F80000-0x0000000000FB0000-memory.dmp
    .exe windows:4 windows x86