General

  • Target

    2464-266-0x0000000000490000-0x00000000004E0000-memory.dmp

  • Size

    320KB

  • MD5

    c3c5a08f89ea2015b9aff26e7acdeb1a

  • SHA1

    5ba643c86b5829db420ce07192a7a2b8f1e93d8e

  • SHA256

    76e705a22b8a20d9a2dc6d6e250fdae7de951a7c5b764e3b5ca0fd5480f9433b

  • SHA512

    38168d23241826c0ae205fe44d737df33814c2a14f60e1fd5e9b65bd3ad4a344174f7215f5eb11ab6ae8434344d3da2000a68e6f618488748f08e40ce53ff01e

  • SSDEEP

    3072:0qFFrqwIOGTNyHESF9D4L/aFWdE4A6CbAhdZsRTZRqHIccZqf7D34leqiOLCbBOR:fBIOG6a/aEd6RTZwBcZqf7DIvL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

newbild

C2

185.215.113.67:40960

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2464-266-0x0000000000490000-0x00000000004E0000-memory.dmp
    .exe windows:4 windows x86 arch:x86

