General
-
Target
1720-4-0x0000000000080000-0x00000000000B0000-memory.dmp
-
Size
192KB
-
MD5
e4d9c3f975f539ee18bdf153215c4931
-
SHA1
2c19599dbffbe7be9771b6af289fe4b7307d9d53
-
SHA256
8fcaab5a17c2d5f18e9927983ed089430e60266f81331fd6113e6d8678a41694
-
SHA512
5e82a2047b99c0d99f189a228d009d040b4cba81d5daf743428a8a698766b50e46d6d01872294499caf345904c4d9e668514f10df0ca40cb5b92cafba01371a6
-
SSDEEP
3072:g1rfs5//I0bmCKugObCKR4eSwbD1J19cgrE0ML2Oam82JZ8e8hU:Wrk/I0bmzulrE0U2E82P
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@ytlogsbot
C2
176.123.4.46:33783
Attributes
-
auth_value
295b226f1b63bcd55148625381b27b19
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1720-4-0x0000000000080000-0x00000000000B0000-memory.dmp
Headers
Sections