General
-
Target
1464-328-0x0000000000400000-0x0000000000426000-memory.dmp
-
Size
152KB
-
MD5
7d2929fb8e7f1a4cf95e8cd4f2e0c85b
-
SHA1
36b9ae95781149d071db7fc165872a4920f91de7
-
SHA256
58fb0ecc87d736ced87a5b28f417787001532d3513f42cb84227465e73133031
-
SHA512
41a736733a47673324762455f77119615c089f9dfe7e48471cdf50cef0cd0f0d9641ebc46e57a57c1f5337909791777c36255c309f1b0d230cc8ddc2a90be734
-
SSDEEP
1536:GaQcnVHT1H/ofs2J88+f5wSL09Fu/O8mtBhZjaGbV7z/T9m2sYgibfbFDKsRv:jQcZZjCKmSL+uXm90S1LSYgafJlv
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
240623_rcn_11
C2
rcn.tuktuk.ug:11285
Attributes
-
auth_value
c3b2a1ea22f94130d13c3d3e2ab4dedf
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1464-328-0x0000000000400000-0x0000000000426000-memory.dmp
Headers
Sections