Resubmissions

11-12-2023 03:16

231211-dssfcschb3 10

General

  • Target

    2680-12-0x00000000003D0000-0x000000000040C000-memory.dmp

  • Size

    240KB

  • MD5

    376cfd945a8db0a2b981b668c582b06c

  • SHA1

    018ab3104308345e7d2e9e724b425c3e207e8efe

  • SHA256

    4f49902ed05b63bc69587c0b8db12274f3e6865edfb76c9cf0189b8e11278a88

  • SHA512

    95e564915acf620fee7178babca06c81d8369912bc71408774611afcef49533633f04e686216752892d374f5d428680f39ab2f8a32381a7c2f4f1bcd5e474c69

  • SSDEEP

    6144:9C4gdz070NgcoTrFzO2DzzzzzzHLzzzzzzzrzzzzzzzzzzzzzDzzzzzzL7z30yfE:5O5NgcoTrp9LrorsI

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

77.105.132.87:6731

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2680-12-0x00000000003D0000-0x000000000040C000-memory.dmp
    .exe windows:4 windows x86 arch:x86

