General
-
Target
1268-18-0x0000000000400000-0x0000000000452000-memory.dmp
-
Size
328KB
-
MD5
bb9cd579c39a4712adcc240d4c761791
-
SHA1
777728d01ae9c0511f4be1e43fcd2148d48c96b4
-
SHA256
c2b107be3483315807d4654613260f3eb03a9f697e30c40938836fb1ba898591
-
SHA512
2421a7651f9ef018d179152aac182612dd6e21e2fb272ea0402cb09346c690d8d403fb7983ef16e90515f662e7563bd13c3502fe7ccb52c54720260946179074
-
SSDEEP
3072:Fq6EgY6iXrUjrVcJKwPVTpcQ4cOpRCsbTAXtASiLgcZqf7D34VeqiOLibBOD:MqY6iIwPrc5ciCcTAdAxgcZqf7DI/L
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
LogsDiller Cloud (TG: @logsdillabot)
C2
193.233.255.84:4284
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1268-18-0x0000000000400000-0x0000000000452000-memory.dmp
Headers
Sections