General
-
Target
2596-230-0x00000000011C0000-0x0000000001210000-memory.dmp
-
Size
320KB
-
MD5
1a854549d9729979b359fd3ed67cd770
-
SHA1
6c9ecfb487946abe35e58615fcadd5e860c06ee9
-
SHA256
fe5296c9ecfe8a9d7e57ee2ef66c6ca3d64ab88b22e063a33961b612f9955d18
-
SHA512
03e9c0af4725205ab1d09bd88780fa2f540e54f838c2ea4d55a7fecdcb509125f18a5b47033f54b71c36c54c5fcbab4313ba31745f55a989a81ed8bf67fc9528
-
SSDEEP
3072:VqFFrqwIOGTNyHESF9D4L/aFWdE4A6CbAhdZsRTZRqHIXcZqf7D34leqiOLCbBOR:cBIOG6a/aEd6RTZwWcZqf7DIvL
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
newbild
C2
185.215.113.67:40960
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2596-230-0x00000000011C0000-0x0000000001210000-memory.dmp
Headers
Sections