General
-
Target
2664-673-0x0000000000180000-0x00000000001BE000-memory.dmp
-
Size
248KB
-
MD5
ad334063e1d4c8348fc96aef34637b7c
-
SHA1
22ba5dd8ac076c47e1696e2a777ac4aca6374ab3
-
SHA256
d8fd8e6e1d3114423334fa17f80dfee63b3637582d0cfa2715e12b0ac81cb653
-
SHA512
82001281cdd52e402f44e09ae09b1d868c16655903e277e6e60bb0463f5de7d4fe30b320fca84d6ba5db472024ad92fe0c3c4a0c0c7d67c6b647f67beda81bb1
-
SSDEEP
3072:ptaCObU4nXNgcBGkc53UID4N3wGt/qrhtCX7IWB4lAVk:ptatbTXNgcBRm3U/UtCXk04lA
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
homed
C2
109.107.182.133:19084
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2664-673-0x0000000000180000-0x00000000001BE000-memory.dmp
Headers
Sections