General

  • Target

    404-279-0x0000000000490000-0x00000000004C0000-memory.dmp

  • Size

    192KB

  • MD5

    c7c7c130a6d6c7c64f2ca60fa1b8ad43

  • SHA1

    d03a2d9f04bcc608e57c9e395dcab9268e4cdb50

  • SHA256

    2de037795a052d219e0f4a4394927ec999341176dd23fe50e278e933b7cdb966

  • SHA512

    ef8aa3a1cc239888ebbaf973205c6f8f4237045bd1b8f7f49ba73e8ea48710390da1bb790fe59e7749f9790cf539d8229302c24af4c9754da3344388e2b7e60a

  • SSDEEP

    3072:AtE62xyQ6d+VeXdxNLgVK880EHk8e8hK:AEmOA9S80EHk

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

andre

C2

77.91.124.49:19073

Attributes

  • auth_value

    8e5522dc6bdb7e288797bc46c2687b12

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 404-279-0x0000000000490000-0x00000000004C0000-memory.dmp
    .exe windows:4 windows x86 arch:x86
