General

  • Target

    2444-1-0x0000000000220000-0x000000000025E000-memory.dmp

  • Size

    248KB

  • MD5

    75546a26403ea8e28d33f80274eb538d

  • SHA1

    d1e43f25f2351ba13a8b2492263cb5e82623ff66

  • SHA256

    64dd6f26255ccc06dfa9a44942b36dd39cb4a98c6050b60575a8a063220636ff

  • SHA512

    4ff3af933167685f4fc8f993ad53e0a2c3116dccbb9a1dd95b47c38597ede55c974a7566367089e7bcee7c394c6461950908ffc20a647c8eaf2848f9d016f46a

  • SSDEEP

    3072:jTuGoWl7qnENgct8GYU311pWevF0t/qWz7r0kbpCTDyLU:vuGJleENgcS1I1a2FS/Z7r0UMTDy

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@oleh_ps

C2

194.169.175.235:42691

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2444-1-0x0000000000220000-0x000000000025E000-memory.dmp
    .exe windows:4 windows x86

