General

  • Target

    2620-540-0x0000000001020000-0x000000000105E000-memory.dmp

  • Size

    248KB

  • MD5

    1ab8e1e7d7af7d086cc4c645d5d36df4

  • SHA1

    665095a276bf93e22c2e006f041a9d7c730f2cb3

  • SHA256

    83f9508c006254785faf4e738b648793cf47a963c2cfdb8fa8f8c4b092ad9ddf

  • SHA512

    a1a4ba8ee2b162e62f508e0b89e9f20f62eafd78cf6ac3efec74fa88c1052086384339879d99dcfc0c3152316016bf787243857be51cdc40076f1e6f9f2a8dab

  • SSDEEP

    6144:fmSQQNgcPf2iHv0+9JR/xadbzBNFygk5:OHQNgcPf1JROBNFygk5

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kinza

C2

77.91.124.86:19084

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2620-540-0x0000000001020000-0x000000000105E000-memory.dmp
    .exe windows:4 windows x86

