General

  • Target

    2512-0-0x0000000000270000-0x00000000002C4000-memory.dmp

  • Size

    336KB

  • MD5

    9dc5fcfd5448dab8595bc7766a2b26ba

  • SHA1

    8013dcf3d9c5d759b4d653cad5cde14c5c6a00d5

  • SHA256

    ee4cc25dc45bf30852674a5c5f6966d6060e8492a0e18a7a276cec83b2cc23f5

  • SHA512

    ba933b1a8c80b019b4d80747474a906d4e2c9dc9058492e061637a4447389d9c272730b9c52e8cfb68242ac2f5ed407d5093af4f422254e9e0d45362703f30b2

  • SSDEEP

    3072:mA05RLsX7+BVOqgnIALM93jam8ZnJ9xFd8KMMRqfjDv/YreqiOL2bBOw:OUXWV2IALMlSxr2MRqfjD41L

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

2yu

C2

95.217.81.77:35530

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2512-0-0x0000000000270000-0x00000000002C4000-memory.dmp
    .exe windows:4 windows x86 arch:x86

