General

  • Target

    1512-184-0x0000000001000000-0x000000000103E000-memory.dmp

  • Size

    248KB

  • MD5

    6ef24770366fc8d231252848ef9ee196

  • SHA1

    d25db6f13a1e0acccbcb6450f8f7de9be68d08bf

  • SHA256

    a5dd39229a82a458284943d9a37915b9c2c52b479dea75696d9d3a3603e7534c

  • SHA512

    5a4e35d57328fd77e415a8035a2cfbdf2050c51abfab4decfa06099c3f1fb2c22c25bd493a2ed5f6b90f3499ed7c2eac893033029661be4901ae02ae21257bd0

  • SSDEEP

    3072:2tJXRMeZYncNgckxQdxCr1d2t/q5yoQVZL53pRzzXZQA4:2JMeucNgckedxCDo/doQVZdZRzzXZQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1512-184-0x0000000001000000-0x000000000103E000-memory.dmp
    .exe windows:4 windows x86

