General

  • Target

    3488-2-0x0000000000400000-0x0000000000422000-memory.dmp

  • Size

    136KB

  • MD5

    f1cd19fb4be94794c37ee6eaf3cb1900

  • SHA1

    6f028e6e8ee57550d13903a74520fae4d6025dbc

  • SHA256

    214e5e39f882581da2efca8e516121a00e83813183b8053d94a4af8410e3753b

  • SHA512

    fe89f83a7c40216cfaa05916266117542823c8a98f6ff94ed2d3cec79e13e794dae716845c0eb3dbfc930a182118cb5b1c1988e6847b1695c85044d832f99fb1

  • SSDEEP

    1536:yA/bDr5J0AmS4lZyNtxCuC8+nB8N4c3oJzp0tFSnH8Nby+xXm8lMrGH26A:yQ7Z+nB8N8CjYmyoWvyW6A

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

5637482599

C2

https://pastebin.com/raw/NgsUAPya

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3488-2-0x0000000000400000-0x0000000000422000-memory.dmp
    .exe windows:4 windows x86 arch:x86

