General
-
Target
1864-77-0x0000000000280000-0x00000000002B0000-memory.dmp
-
Size
192KB
-
MD5
4eaf61dd16b0ed094350ea51e1366b71
-
SHA1
7ba7ce1c3814673e118b632a3b518b7b378072c5
-
SHA256
3dbb2acd77de66c418f1c780d72712bca3ed3f832628e62250280035e22ac14e
-
SHA512
14333ccc441263df88c4898bc6861febdc9d869518ce5ac5befb038f9cc6177701d6696b552c2823c3c5d78a6d2192d507692077a15b99b0f857e0bca669978d
-
SSDEEP
1536:UDrRuq1Ps36sv0W7TRVOQM6fwrHwhn/rQbg5fb25LxNcqYQHnbuxaNLQmpTu0Gks:88sO/O2DnEba0LxNEyPNcmpTua8e8hT
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
kira
C2
77.91.68.48:19071
Attributes
-
auth_value
1677a40fd8997eb89377e1681911e9c6
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1864-77-0x0000000000280000-0x00000000002B0000-memory.dmp
Headers
Sections