General

  • Target

    1040-54-0x0000000000230000-0x0000000000260000-memory.dmp

  • Size

    192KB

  • MD5

    cbef89574e6e5b3abe243b715965dbe2

  • SHA1

    07c72bef99cddd99b8f968d2fd3b105981fb6bb1

  • SHA256

    fbd62f055ecb5a7508cfbe365cefcb733ad5f71a72c563b5094b3f87d7a0065d

  • SHA512

    ed018f112b031a68e3434e7181430255488e96f84589b73d126572e17653653156099833432cce60fdb317f09023ce39970f7d7fc4fe9679d712dedb861321f3

  • SSDEEP

    1536:NbuR0C10WqlVZRGWyuHrTog/XzMXMQ8ys88888888888888888888888g888888i:kR0feoog/ZpyqVEUCidWT8Fo8e8hQ

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

lux3

C2

176.123.9.142:14845

Attributes
  • auth_value

    e94dff9a76da90d6b000642c4a52574b

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1040-54-0x0000000000230000-0x0000000000260000-memory.dmp
    .exe windows:4 windows x86 arch:x86

