General

  • Target

    2900-12-0x0000000000280000-0x00000000002BC000-memory.dmp

  • Size

    240KB

  • MD5

    8e7d0f2f90ee9a876940582319c58aee

  • SHA1

    ca25c97fa6408c705643cc21aade0bc6dd2568a6

  • SHA256

    d10c66c4aa865c3923dc4d6324c5b30faaceeb2972cdc83a6704cb0c9ace3706

  • SHA512

    be01260448ecda523e3a35f5b9b74711c45482ecb1a4ee989cc356b596204bf2ef9e31bd3779b94ee7922de5f0cb4a48f579bce5b67057f142677fb444e9b4f2

  • SSDEEP

    6144:GC4gdz070NgcoTrFzO2DzzzzzzHLzzzzzzzrzzzzzzzzzzzzzDzzzzzzL7z30yfE:EO5NgcoTrp9LrorsI

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

77.105.132.87:6731

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2900-12-0x0000000000280000-0x00000000002BC000-memory.dmp
    .exe windows:4 windows x86 arch:x86

