General

  • Target

    748-116-0x0000000000300000-0x0000000000330000-memory.dmp

  • Size

    192KB

  • MD5

    177b3c524bec76abff3ce8b63840ed12

  • SHA1

    41c85b5fa10a44f6563670a976dd3da4a2284916

  • SHA256

    3bf76b6159e1b85a3d1e525089faa836632098d021355bd3593cc742b7a91e98

  • SHA512

    fd084adfa3cd05e342f7953782ba337bd74f14aa13fb0f7c5201cf9a1a50b0565742c58f69b242d34c4d6cef68c00ea8e7a642da52b963ae32267fe0cb935380

  • SSDEEP

    1536:OlBA36sv0W7T1sjvrHzbNSISuiiB0J57TNyQGxNXLYQLrbuLh8yrEHVF+0GkR58U:OrqCnNsZWSZ5GxN8yi8yIHVF+a8e8hO

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

masha

C2

77.91.68.48:19071

Attributes

  • auth_value

    55b9b39a0dae383196a4b8d79e5bb805

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 748-116-0x0000000000300000-0x0000000000330000-memory.dmp
    .exe windows:4 windows x86 arch:x86

    Headers

    Sections