General
-
Target
1800-54-0x0000000000220000-0x0000000000250000-memory.dmp
-
Size
192KB
-
MD5
6138403d21baaa714adf94ac0800124a
-
SHA1
22c2b969474f03ea28de4e528e73cb2ef0a5d45a
-
SHA256
8af5e6f60d3d38d3c058f156e1678907114602bdc0897bce829fc120bb72400a
-
SHA512
f1d6ec55e54d696e9a691f3f039f68f2d2a759a50976081f28e6b7fe8b569215612b81c1261ce5d2196150098d6c6b21601f03de6709295a79dd8622f27e43a8
-
SSDEEP
1536:LDrRuq1Ps36sv0W7TRVOQM6fwrHwhn/rQbg5fb25LxNcqYQHnbuxaNLQmpTu0GkW:/8sO/O2DnEba0LxNEyPNcmpTuE8e8hT
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
kira
C2
77.91.68.48:19071
Attributes
-
auth_value
1677a40fd8997eb89377e1681911e9c6
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1800-54-0x0000000000220000-0x0000000000250000-memory.dmp
Headers
Sections