General

  • Target

    560-935-0x0000000000BE0000-0x0000000000C1E000-memory.dmp

  • Size

    248KB

  • MD5

    daa9559760aef368f57e7357836be57f

  • SHA1

    b442511b18d2fba62247a93a9be02a0c57c1338e

  • SHA256

    4d3981351296ae942191a3f7b527e63f261b873ae0f8b9dbf14149bef679f8f4

  • SHA512

    8e19e3b6b1696ec9c9666c5f2ce8268a2eb4b730bd11d74859e91afac0c2790525e3a30e6236901b665e1a0d09cce0deed0196cbc34a00329467889c86ea5638

  • SSDEEP

    3072:BihvLpYnXNgc+jZ44OLqNaKe/Gbt/q6ubZovTqpwUybFhyh:B+lYXNgc+144OLquOZ/CZovTqHybFh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

grome

C2

77.91.124.86:19084

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 560-935-0x0000000000BE0000-0x0000000000C1E000-memory.dmp
    .exe windows:4 windows x86

    Headers

    Sections