General

  • Target

    1856-182-0x0000000000490000-0x00000000004C0000-memory.dmp

  • Size

    192KB

  • MD5

    63f6ca5d61cbd04a7a65c9c8ee7902d4

  • SHA1

    99e989f64812319e12f86121a01157c567ec0f35

  • SHA256

    9421f40a45f874edb9d90af6ef991bd3e16cf90852d0b7fa74b0e5c9ea1705d8

  • SHA512

    6613650ac00a9175526c1399223fb87c4f9cd11ca173fb6c928d9e99a78cfd3b6b58c23954fe40a6f094c5b633e3601b734803ef3e10bbedd22dc3a44e669a77

  • SSDEEP

    3072:zUUEa9Te3JQBf8td3/oxN1ULH0tyI8e8h4:w7QRyi1tyI

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

mucha

C2

83.97.73.131:19071

Attributes

  • auth_value

    5d76e123341992ecf110010eb89456f0

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1856-182-0x0000000000490000-0x00000000004C0000-memory.dmp
    .exe windows:4 windows x86 arch:x86
