General

  • Target

    5340-431-0x0000000000590000-0x00000000005CE000-memory.dmp

  • Size

    248KB

  • MD5

    1d640fe4fd1a65feb1c1c099a0d60f01

  • SHA1

    bceb2a397d6685ef92cefe4faed70a4d9db461b9

  • SHA256

    8e4eb765912d256386b1f43c1da198ebe2769ca56c593479976a6eaf1fcb13a1

  • SHA512

    2e743881ebc82801b6da06bc69bc8f6b54f5e98c293145674ee9b949114e8c4ea58024fab16086f003bba2e9469e7a7f28c7ec3762ce6d58989ff040fb4d0a9e

  • SSDEEP

    3072:0JctOPGO2n1NgcU6YW8qu7SHBFt/qLdVPMxX/jEIgcRv:yDPGv1NgcUVWCuHF/CXPMxXLEfc

Score

10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

176.123.4.46:33783

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5340-431-0x0000000000590000-0x00000000005CE000-memory.dmp
    .exe windows:4 windows x86