redline | feabe15902e00dd5dd19f2b786fa7417[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

feabe15902...17.exe

windows7_x64

feabe15902...17.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

feabe15902e00dd5dd19f2b786fa7417.exe

Resource

win7-20220414-en

redline 1 discovery infostealer spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

feabe15902e00dd5dd19f2b786fa7417.exe

Resource

win10v2004-20220414-en

redline 1 discovery infostealer spyware stealer

windows10-2004_x64

0 signatures

0 seconds

General

Target

feabe15902e00dd5dd19f2b786fa7417.exe
Size

88KB
MD5

feabe15902e00dd5dd19f2b786fa7417
SHA1

1204efbca354c4de98ebb89d353a0180ac51cf52
SHA256

0f4b95a37b553b42f04c8530c0863c2a77d5ecf968976673ccde973e7ca379a0
SHA512

9f63efc44f013b000fd935cadd7f0670a599a3f48735be5e1859fe11cf2402e7825f3cf87f91b237d5d2680f16de4a2395def7c999458ff4bb70e3902d34b256
SSDEEP

1536:q0GiPoPVdod1E/QwGjeza0SMdTGqXMTMKo4bXJzAYAra4vu4Mwi:q03oPXod1E/weaMAtyvrtVo

Score

10^/10

1 redline

Malware Config

Extracted

Family

redline

Botnet

1

C2

46.175.145.22:46769

Attributes

auth_value
d4c00908481b7e17c332b2900d54b74f

Signatures

Redline family
redline

Files

feabe15902e00dd5dd19f2b786fa7417.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy