General
-
Target
4420-264-0x0000000000490000-0x00000000004C0000-memory.dmp
-
Size
192KB
-
MD5
f35fa7a4f5f8ddf6fa34db01894a94da
-
SHA1
be86bf5396ca6b965ce4b46a1deea55b97109ec7
-
SHA256
432c7403bef68225f6a37c3dd6c9a19a770ada20a55cc93e003d239bf85f9eff
-
SHA512
90b6054e80b5a0857eb1c631d54737253affde25877d1694eecebeeafc90e19e257308cf3a3cf061fc20a5437f6570cd74cfe4616d035ad8432515c6029c97ea
-
SSDEEP
3072:TtE62xyQ6d+VeXdxNLgVK880EHk8e8hK:REmOA9S80EHk
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
andre
C2
77.91.124.49:19073
Attributes
-
auth_value
8e5522dc6bdb7e288797bc46c2687b12
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4420-264-0x0000000000490000-0x00000000004C0000-memory.dmp
Headers
Sections