General
-
Target
708-356-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
d3a7b93004da3033d2db72955b578164
-
SHA1
14b4fcbaf7425aa7ec09824812963134dbf01cc1
-
SHA256
a4b63ee5dbd1f7bcbc23a81717f81f93be300618accfbad50692ddd20f2edd8c
-
SHA512
2c467ffd92bd91ee66a0a824a789bc7fb1d2dba41b952e6431abfbb567cd2c9c62d16d2651a8ba3aa08a88d37d14d0dc8080c7b6a7974a59a6584cdea668cdac
-
SSDEEP
3072:u+Mzp0WHo0oI0TKclRsOtSoii2EzsQE06hPEVQYdMAYJ18e8hR:u506oI0uclRkQE0LQYdMVT
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
LogsDiller Cloud (TG: @logsdillabot)
C2
146.59.10.173:45035
Attributes
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
708-356-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections