General

  • Target

    2180-7-0x0000000000400000-0x0000000000454000-memory.dmp

  • Size

    336KB

  • MD5

    a71e969aedf77e552e4625294166e729

  • SHA1

    1601f2ade5610ccd34f2604f5182b08475341dc7

  • SHA256

    d34847ec8ca5e403e9735f6e9225dee88e33b2bd87ed3012e3a2fce07d4a73fd

  • SHA512

    15ce60458c549f27cd98aad48ef7999a84854289b697beb0a8b977a1140b65e8312267e3280143096cbf0537ec043de20a465de7a9108579910a9cfdefcbc1df

  • SSDEEP

    3072:bA0VmZhF+Kt5ZKRPFuDt9dV8KqnApxAwB7IMRqfjDv/Y:PurtqFI3l/xAaIMRqfjD4

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

20.113.35.45:38357

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2180-7-0x0000000000400000-0x0000000000454000-memory.dmp
    .exe windows:4 windows x86 arch:x86

