General
-
Target
652-54-0x0000000000400000-0x0000000000426000-memory.dmp
-
Size
152KB
-
MD5
eceb704f859736a559b04c97aa76a8c7
-
SHA1
4096702d357f34a5a2eb40c65a5dc26b89e4c1e9
-
SHA256
c11d2b029b14ee4967c5aa5eb84e4247875c83c329cb34c8c63f489e724cdf1a
-
SHA512
92511f87f803a668a64ac71b647d7faef9b8b8f13e7e8b83c6d1652ccbb6531cf90747ff9dbc9be1f614b7196f8b6733e41576dbd96c21f1c98f50b261f744eb
-
SSDEEP
1536:+aocnVHT1K/oA+Jcc+fvPIUpGGtMVwW/t79+2hgjTUEbV7I/O51asYgibfbFDKs3:LocZZPK3PIUGkWdLoheGXYgafJl9
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
LogsLive
C2
185.157.120.11:36690
Attributes
-
auth_value
a16774510cd375994bf6470f15b46cde
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
652-54-0x0000000000400000-0x0000000000426000-memory.dmp
Headers
Sections