General

  • Target

    1916-487-0x0000000000080000-0x00000000000BC000-memory.dmp

  • Size

    240KB

  • MD5

    10b58c1240906c91ef892d2b6efb04df

  • SHA1

    33a713a010d285be5917bc8eb035863351ab4ee6

  • SHA256

    98615fd888697645566a7bd856652b1cdf33ec71b20998dda5239dd70c28f35d

  • SHA512

    bc53fa2df582d1cb40d541e6b266af0fd3cf0075e0556afb5230c8e8c287866261d225577cf14efaff1fc6bfa0ed0e25e8de0edbb7269d63ab40a65ee4a5ea80

  • SSDEEP

    6144:xP+YZ8x7SNgcVYCrx5q2vfO0PX1S+ALFd:xP+YCUNgcVhrCIWuALFd

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

195.10.205.17:8122

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1916-487-0x0000000000080000-0x00000000000BC000-memory.dmp
    .exe windows:4 windows x86

