General

  • Target

    1572-122-0x0000000000080000-0x00000000000B2000-memory.dmp

  • Size

    200KB

  • MD5

    c135afbb99a8fbca298a2c3688f1c851

  • SHA1

    7d060640a86461af0c7e6cd77df535d9c9b5180b

  • SHA256

    a1ca9391be9b741c7ff31dc2b57693fd9543df6e934eff5ff1bef1d6dca00082

  • SHA512

    3800b10c80e20d6a3dd7b2f1cfa910d1c03e8f9adb284c1c2163078eef65d1421975cb883486b05224fbee1e0e3a135508cb07b992198d5bc708f6b04528e4a8

  • SSDEEP

    3072:GxqZWHzaWAtdsiLe5G80e+o9Gh7nxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOQ:sqZwii5ZzGh

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

socicalbot

C2

149.28.205.74:2470

Attributes
  • auth_value

    9c51f0d7102febd61d441fffb9c4bb47

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1572-122-0x0000000000080000-0x00000000000B2000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections