General

  • Target

    2268-0-0x00000000002D0000-0x0000000000324000-memory.dmp

  • Size

    336KB

  • MD5

    1eeec86a3569cc7628b3c0a710bb7f3a

  • SHA1

    8ac8273bce37558c81e0eb52ac5b93c7175f865e

  • SHA256

    797a4974c7d74e97fe2b55cea571ea0ceb198ec246de34c61fed6f8b32380532

  • SHA512

    6c82706637737baa41a71f3fb98fa3c9a806dc2bc58756e96c9b0fb71189ab6089fc719cfe66fa83f306c390d6ac1ddbaf304d483e9dfbe3943ab34c9c3be1c5

  • SSDEEP

    3072:afkCpXpfxIzbBePckWk6kVYmGmO+7GnTNSCuzILkBaWLkBWnSnK4dTvsu2qj4T+h:fqUXHqE06FwxTkzMRqTjD4dL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

instaall

C2

77.91.124.92:33992

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2268-0-0x00000000002D0000-0x0000000000324000-memory.dmp
    .exe windows:4 windows x86 arch:x86

