General
-
Target
3776-2-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
529822589ecbf4dab662c35978ee5c8c
-
SHA1
daf6c6d12a6b8c596c7c5f95c7f13e3789c77a87
-
SHA256
9954445747499e75b301cd385752849d332c37d2fc116924d6258a331514e9a7
-
SHA512
b489146abaa56117f2da4c9a2a7bcbbb07b0f894d86dd01dd7d8a0f6aaa15a6b3418877f65acaf437f1606f755d44452a14aa08032ad7fa8afdd2a63c1b049ab
-
SSDEEP
3072:OcYbZTUzl6I0f3jZSOLT0KWhFmfhE0OxHt0Ul5Js8e8h4:nYbZA6I0f3jZohMhE0c0Ul56
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
prvt
C2
176.123.9.142:14845
Attributes
-
auth_value
a0550c49d784b5105c404695277f15b8
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3776-2-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections