General
-
Target
672-127-0x0000000000400000-0x000000000042E000-memory.dmp
-
Size
184KB
-
MD5
ec493c10f09d0f416a3273db23782d21
-
SHA1
0f99cf115d6525ae87147c23fb32eb3d7b6019b3
-
SHA256
1afb2fea591c2bd497ddb37e1b048fbb0f33595715fa6276eb3c56a0a49ab38c
-
SHA512
8a4b4a71dddaddf0277b82986c00b77b5f7d8b41b8a0e66088059ae86ad9f0ddf73baa57a4552e168e9449cd67067f25efe49d198cdc43b8208f0768e7ec930f
-
SSDEEP
1536:nTXbeqhVZCGW+WEVPhq8Wg8fnv5RCNTGqVYFWbuME0aQ5ZDr/e84wYks8e8hH:TLXWb8WgMv75qVYsKaZDr/eZ8e8hH
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
metro
C2
83.97.73.126:19046
Attributes
-
auth_value
f7fd4aa816bdbaad933b45b51d9b6b1a
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
672-127-0x0000000000400000-0x000000000042E000-memory.dmp
Headers
Sections