General

  • Target

    1176-1271-0x0000000000400000-0x000000000043E000-memory.dmp

  • Size

    248KB

  • MD5

    3ad8e61d6e61bf18999bcde21a540e22

  • SHA1

    8b0607e3c431af94da2a6940c47c8c4e3c9096af

  • SHA256

    8fec8817985fa4a108ef02486f131c7bfc87f6e7f67e44ce96beec9ca501f2b3

  • SHA512

    83ab26fa19deec7f0d5e95ac4a83fe6452dce967278db44bce97d978a57b3414455a162193ac0a78514f28f521e129a46cf61ebcfbfddf224da69cc645e53b15

  • SSDEEP

    3072:vEjJpWunbNgcc+fw1nRKlnwT84Zhct/qR8NbtS6Gbmhmadg:vGTWubNgcc+I1nRKlwTQ/PNbtS7Khma

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@ytlogsbot

C2

185.216.70.238:37515

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature. Note that the target here is a dumped in-memory image (0x400000-0x43E000), and the Authenticode certificate table lives in the file's overlay, which is never mapped, so the signature bytes are not recoverable from the dump even when the header still references them; on its own this is weak evidence, and the RedLine config extraction above is the stronger signal.
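As an added example (not the sandbox's own detection logic), the following Python shows what the "Unsigned PE" check reduces to: reading the IMAGE_DIRECTORY_ENTRY_SECURITY entry of the PE optional header and, where the bytes allow, confirming that the WIN_CERTIFICATE it points at is actually present. The sample PE and certificate table are constructed inside the script; the certificate body is a placeholder, not a real PKCS#7 blob. It separates three cases a practitioner meets: a file with no certificate-table entry at all, a file whose table is present, and a dumped image (as in this report) whose header still references a table the dump cannot contain.

```python
import struct

# PE constants (from the PE/COFF specification)
PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B
IMAGE_DIRECTORY_ENTRY_SECURITY = 4          # index of the certificate-table entry
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002     # wCertificateType for Authenticode PKCS#7


def security_directory(data: bytes):
    """Return (file_offset, size) of the Authenticode certificate table as recorded
    in the optional header's data directory, or None if absent or not a PE.
    Unlike every other directory, this entry holds a raw file offset, not an RVA."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    size_of_optional = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    opt = e_lfanew + 24                     # start of the optional header
    if opt + 2 > len(data):
        return None
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        dirs = opt + 96                     # data directories start here in PE32
    elif magic == PE32PLUS_MAGIC:
        dirs = opt + 112                    # ...and here in PE32+
    else:
        return None
    entry = dirs + IMAGE_DIRECTORY_ENTRY_SECURITY * 8
    if entry + 8 > opt + size_of_optional or entry + 8 > len(data):
        return None
    offset, size = struct.unpack_from("<II", data, entry)
    return (offset, size) if offset and size else None


def classify_signature(data: bytes) -> str:
    """'unsigned'      : no certificate-table entry in the header
       'table-present' : header points at a WIN_CERTIFICATE that is inside the bytes
       'table-missing' : header references a table the bytes do not contain
                         (what a dumped in-memory image looks like, since the
                         overlay holding the certificate is never mapped)
    'table-present' only means a signature blob exists; it says nothing about
    whether the signature verifies."""
    entry = security_directory(data)
    if entry is None:
        return "unsigned"
    offset, size = entry
    if size < 8 or offset + size > len(data):
        return "table-missing"
    length, _revision, cert_type = struct.unpack_from("<IHH", data, offset)
    if length > size or cert_type != WIN_CERT_TYPE_PKCS_SIGNED_DATA:
        return "table-missing"
    return "table-present"


def build_pe32(cert_entry=(0, 0), overlay=b"") -> bytes:
    """Constructed minimal PE32 for this example only: DOS header, NT headers with
    16 data directories (all empty except the security entry), no sections,
    padded to 0x200 bytes, then an optional overlay."""
    e_lfanew = 0x80
    dos = (b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)
    opt = struct.pack("<H", PE32_MAGIC) + b"\0" * 90 + struct.pack("<I", 16)
    dirs = bytearray(16 * 8)
    struct.pack_into("<II", dirs, IMAGE_DIRECTORY_ENTRY_SECURITY * 8, *cert_entry)
    return (dos + coff + opt + bytes(dirs)).ljust(0x200, b"\0") + overlay


def build_cert_table(body: bytes) -> bytes:
    """Constructed WIN_CERTIFICATE wrapper around a placeholder body (not a real PKCS#7)."""
    length = 8 + len(body)
    return struct.pack("<IHH", length, 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + body


if __name__ == "__main__":
    cert = build_cert_table(b"constructed-placeholder-not-pkcs7")
    cert = cert.ljust((len(cert) + 7) & ~7, b"\0")       # tables are 8-byte aligned
    signed = build_pe32((0x200, len(cert)), cert)
    print(classify_signature(build_pe32()))            # unsigned
    print(classify_signature(signed))                  # table-present
    print(classify_signature(signed[:0x200]))          # table-missing
```

Run it against a real file with `classify_signature(open(path, "rb").read())`. Even "table-present" only establishes that a blob exists; validating it means verifying the PKCS#7 SignedData and its chain (signtool, osslsigncode or a pefile plus cryptography pipeline), which is deliberately outside this check.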

Files

  • 1176-1271-0x0000000000400000-0x000000000043E000-memory.dmp
    .exe windows:4 windows x86