General
-
Target
3052-6-0x00000000000F0000-0x0000000000142000-memory.dmp
-
Size
328KB
-
MD5
5bcc03bd845f1105d38765a4ec9a140a
-
SHA1
64c8031d91f14bcca682409edca530f38acfdb1b
-
SHA256
f39de1c1de7966b5aac42355db2bbea6d356c6d4e279d5e58d23675d988db34f
-
SHA512
776d52bb85dffe40350525a32c9ffde011f9d72e567095e38775aeadb7fe03d7e87818804de7a091b4ea2cb3f03d3762686c85a617d80c546b6994717798dd5e
-
SSDEEP
3072:72+Lb3YMQ4SvxLMb8gOlN2Z2S8rdNdAXVDnHLtxdhQAgkVMRqT6Dv/YdeqiOL2br:q2b8gOQ2PBjAl3txdyAXVMRqT6D4nL
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
PShebro
C2
185.172.128.33:38294
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3052-6-0x00000000000F0000-0x0000000000142000-memory.dmp
Headers
Sections