General

  • Target

    4436-359-0x00000000001E0000-0x00000000001FE000-memory.dmp

  • Size

    120KB

  • MD5

    73a849c03145720bfd2d979660613ad2

  • SHA1

    8603be2bcf433ff3fa4e082de360163cd1d52ef9

  • SHA256

    0d51e874e9d61e751d83bb7d421bad9f898988ecff50486826201a9299efd27a

  • SHA512

    c750f234f45f9a9014ee2dd59081184481987313ac6fa516b148ea3003791189975c868eff04e385b6a4f2b3c3c390b5e9facede0cb4f9c29951a48370db4942

  • SSDEEP

    3072:33HcjBPe7NerE+CrFkDSuOkZDcXiqEqVR2:3eGKDRAX1

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

5141679758_99

C2

https://pastebin.com/raw/8baCJyMF

Signatures

  • Redline family
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • 4436-359-0x00000000001E0000-0x00000000001FE000-memory.dmp
    .exe windows:4 windows x86

