General
-
Target
1352-4-0x0000000000400000-0x000000000043C000-memory.dmp
-
Size
240KB
-
MD5
9904dfd1a6297babd0795492d2581711
-
SHA1
2b4642d044ae0ae032b8c4b1933388e828d2e629
-
SHA256
603443f5fe820f17deca9514f9dfce8b329e94638a3ee2b71f9c424855101128
-
SHA512
320da5cb085130d22a297e7a118352fe9dfc59d333e561ebfd0dfc1783e8ab673d9125d1f9a4c15fef3b4027ed8bff2f1e540b8dcf2dad673fe7ae3e22cbfb18
-
SSDEEP
3072:RnmR67LNgcflq00ryzlIg8C8u4VWkFRSd4d1ScwN55iMShKS:Fk67LNgctYryzl/s0Sd1Slf5iMSM
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
LogsDiller Cloud (Telegram: @logsdillabot)
C2
95.214.26.17:24714
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1352-4-0x0000000000400000-0x000000000043C000-memory.dmp
Headers
Sections