General

  • Target

    2152-83-0x0000000000320000-0x0000000000350000-memory.dmp

  • Size

    192KB

  • MD5

    cbd9b55f7970561fc80e70df4fc7a91e

  • SHA1

    28eb4d162a5d50c2d47e0ea0c5d8d5aac677c14d

  • SHA256

    71ed91d0141369409694c9abf795e72f21592bc828e7fa062cdb5501ea138982

  • SHA512

    e8823186919e806a81ed207cdf13fea7ce987ccbe60b63b0afbca67ae5edc792b9d0ba7caf120250e5176f1d08c9bfa7f21fb9f706d8fb245f99255a9de4f5e1

  • SSDEEP

    3072:4tE62xyQ6d+VeXdxNLgVK880EHt8e8hK:oEmOA9S80EHt

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

andre

C2

77.91.124.49:19073

Attributes
  • auth_value

    8e5522dc6bdb7e288797bc46c2687b12

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2152-83-0x0000000000320000-0x0000000000350000-memory.dmp
    .exe windows:4 windows x86 arch:x86
