redline | 1068-55-0x0000000004590000-0x00000000045BE000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1068-55-0x...ry.exe

windows7_x64

1068-55-0x...ry.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

1068-55-0x0000000004590000-0x00000000045BE000-memory.exe

Resource

win7-20220414-en

redline top infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1068-55-0x0000000004590000-0x00000000045BE000-memory.exe

Resource

win10v2004-20220414-en

redline top infostealer

windows10-2004_x64

0 signatures

0 seconds

General

Target

1068-55-0x0000000004590000-0x00000000045BE000-memory.dmp
Size

184KB
MD5

ea220f352909f3b2a20c29f106b2cadb
SHA1

45553aa90c989f6771e3bb814e99fed31a84361c
SHA256

0a6e7271672f7d86ac5741a611c19a74dbb44a6bdaa21005496ebb5ea67a0c66
SHA512

38a485d5647069f30b8af9921f9769806b2c5db24c559346cabe3f0f8f6e13d7624da98440dda8ba7ad64dea22a0438e07ed774a9d1ba0765fe35cc33bd09a9c
SSDEEP

3072:CN5OjDDAK8tZtZaKLwqVFwsVxgC0YSCC:CZKMJaWhN

Score

10^/10

top redline

Malware Config

Extracted

Family

redline

Botnet

top

C2

iclarinyerac.xyz:81

manellylarii.xyz:81

Attributes

auth_value
b66a08c69f913be894bbfce00805fab1

Signatures

Redline family
redline

Files

1068-55-0x0000000004590000-0x00000000045BE000-memory.dmp
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy