General
-
Target
904-57-0x0000000001FD0000-0x0000000002004000-memory.dmp
-
Size
208KB
-
MD5
33fb4663a844a154b796de8833a58709
-
SHA1
397fc6bd8ab4dd1b2511e4c391d9751f802ceeab
-
SHA256
f4c3bfdc87127665848d91d3b82a4f1215de94fd1bb59b9ad3699541f7b9a80b
-
SHA512
5d5209d16da092926cd250202c137515ddcf5199ff02ceb380b53ca7776ff7c23dd1ad27d9aa77f108df7cf6e0d28da2326093fd636625c0526b75d94ef0ab87
-
SSDEEP
3072:Q6ds69A+pFhQwCEZgs2BRgDxLXao3v+m1+4+MgzWM8e8hlz:hds6tFhQ8lDpfmm1+hyM8
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
LogsDiller Cloud (Telegram: @logsdillabot)
C2
147.135.231.58:39396
Attributes
-
auth_value
c2955ed3813a798683a185a82e949f88
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
904-57-0x0000000001FD0000-0x0000000002004000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections