General
-
Target
1704-97-0x0000000000260000-0x0000000000290000-memory.dmp
-
Size
192KB
-
MD5
33e31e77eb89f070bd7c29b6ca34ace4
-
SHA1
cb346648ae13665838f891d80993cac5e4a176bb
-
SHA256
f93fc4a07fa866f3d349bd80f6fd0e25e341d91537e46440535bd4b4cd12b463
-
SHA512
c27074ec2991d9b13dfd017ad46ef080bfecee26b90318a324601a85fed7baecf4d26d4d9d31069e31b8eb5141959960d528fcd7711f0de9c98a1d4b53196b9e
-
SSDEEP
3072:Xjl4PlApPoj9W4dBUTp+t4cxil6xNjirMdY1I55G8e8ht:XhvoPil+U1I55G
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
werta
C2
83.97.73.129:19061
Attributes
-
auth_value
6e25ebacc579056d9e0c4bb3594012ad
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1704-97-0x0000000000260000-0x0000000000290000-memory.dmp
Headers
Sections