General
-
Target
2292-37-0x0000000000060000-0x000000000067E000-memory.dmp
-
Size
3.4MB
-
MD5
a56425778a6d18c0b885ff16ad179885
-
SHA1
237f26978abb74024ed6826242338689af8f8908
-
SHA256
3a8480eba07b2f24b34b7986f7170e62aa48bc7139163cc563236f1e038327aa
-
SHA512
73acb1e7dc1bfd87d2c4c49692eb71643a5b0024917d8f2a9814a97270b508692c665c2b2e3cdd4f0b4f9f2e2937988bb8fecc8a6ebe39dd51605e5667055df3
-
SSDEEP
24576:ElNgcgBrgxzbbc/xy+fHdGASdM34A2AvtidbsTGVcyDrhSxq72FanEM8O7CyqNSL:CkdGASdMBQwCVcy3h3WajTb8ZWvbc0
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
1MIL
C2
185.173.38.57:80
Signatures
-
Redline family
-
Themida packer 1 IoCs
Detects Themida, an advanced Windows software protection system.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2292-37-0x0000000000060000-0x000000000067E000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections