General

  • Target

    1724-137-0x00000000001C0000-0x00000000001DE000-memory.dmp

  • Size

    120KB

  • MD5

    6b44ca3dc512572b292d3830e0a34480

  • SHA1

    33c74c38dfca5dd73405db8e21e6063e7ae49c19

  • SHA256

    b90755a23b29cdba914c05a0aef25ee2bc21005fa1416c35d822051c0df449b3

  • SHA512

    29c576d54be09832cbd4ae3ee045deca91ab65caba70e9d66a7fea05f270376c70bc7d5b9f9380e7bcd4d1c6def03325f770a787deb0c0d5b0e03a149505598d

  • SSDEEP

    3072:W3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVXI:WeGKDRAXb

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

6012068394_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1724-137-0x00000000001C0000-0x00000000001DE000-memory.dmp
    .exe windows:4 windows x86

