General

  • Target

    2952-83-0x00000000002D0000-0x0000000000300000-memory.dmp

  • Size

    192KB

  • MD5

    07494e8a427c3f88f2f368bc6f23281e

  • SHA1

    ce28eb0f1af7bf39b609fb02186f3ecf42442a87

  • SHA256

    f9864fc1f68f0e8f0d06574d36ccaca531aad48dc549112a9482cb51acf6e058

  • SHA512

    fc1759cec16a1afe77bf722af39942833f312f0b5d4e9c6227cd18998ac86927dfd1d9bf697e160dbeddc79e07ac263d8ed944d58d72a51db3430ae862076052

  • SSDEEP

    3072:jN9zgaHeuGhriktrBxN3kuZ+zdz+8e8hj:Z9Ie4rhTodz+

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

furod

C2

77.91.68.70:19073

Attributes

  • auth_value

    d2386245fe11799b28b4521492a5879d

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2952-83-0x00000000002D0000-0x0000000000300000-memory.dmp
    .exe windows:4 windows x86 arch:x86