General

  • Target

    2532-83-0x0000000000270000-0x00000000002A0000-memory.dmp

  • Size

    192KB

  • MD5

    6feb6da5019168641031684d189a4519

  • SHA1

    116acd21025b1b540f8bc5f0beb98ee189e76c6e

  • SHA256

    4bfc4dc6865bf395f7fd17735400756b718e4b2a95caf16305c92568d8e09cef

  • SHA512

    7395b955865c499ebb10779d52184ad40460bc604a59edc59bef274963467095274c3f91e7dd22d5dd76c34f28ec1156bd7162fac7070bfd4532222f12ca77ab

  • SSDEEP

    3072:GN9zgaHeuGhriktrBxN3kuZ+zdzI8e8hj:s9Ie4rhTodzI

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

furod

C2

77.91.68.70:19073

Attributes
  • auth_value

    d2386245fe11799b28b4521492a5879d

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2532-83-0x0000000000270000-0x00000000002A0000-memory.dmp
    .exe windows:4 windows x86 arch:x86
