General
-
Target
1680-56-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
db8aa2e568a316ba7dc99b103207d835
-
SHA1
4ee815ee2afa7d737e66f3d3d725953c228c7aae
-
SHA256
91e73847d4184e9431615dea8e62003583f979aeffdf4810db2d6875ac7d6bf9
-
SHA512
e89085128e668c61e8012250d24a59f189203aed041ca22ef6765e5abe740d3f312bcb00b2f7aae17a8785506f75a8b040ecd70f1119321cbd8fc4927df96d57
-
SSDEEP
1536:q0HMGE/qhVZCGWZlwP/t8WL6MiC6YdWjkTGqVOFWbuQ/xzuXheajg84wYkO8e8hH:2hJq8WL6qdWjNqVOshoXheajg78e8hH
Score
10/10
Malware Config
Extracted
Family
redline
C2
94.142.138.147:48665
Attributes
-
auth_value
523231e501a3476ca1e0b47280cb8095
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1680-56-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections