General

  • Target

    640-2-0x0000000000BE0000-0x0000000000C34000-memory.dmp

  • Size

    336KB

  • MD5

    1f50afe09ac505f256cbf2c0d8d63c2c

  • SHA1

    5e0cf5ad3dff4c315b65ed0e33272bde6b6875f7

  • SHA256

    b7d9eec3c0b00c526238984d1cf2d496a40da97030a25f4f7c44866f1b094a6f

  • SHA512

    404f5756f48e4cc45e8965acadb46469f19fd4104810e4e8994cc2108d9b394fea7b7ecb0a8d9f4f804dcf42a2f0a978a9271f535392de1ee195fe8bdbccbf1a

  • SSDEEP

    3072:bA0WJjkS+dNMX2LsbfbujzJ8K3nSyax4dR38MRqfjDv/YUeqiOL2bBO9:PbrNnLsbfS54x4dGMRqfjD4aL

Score
10/10

Malware Config

Extracted

Family

redline

C2

109.107.182.26:14895

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 640-2-0x0000000000BE0000-0x0000000000C34000-memory.dmp
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

