redline | 345232-56-0x0000000000400000-0x0000000000420000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

345232-56-...ry.exe

windows7_x64

3

345232-56-...ry.exe

windows10-2004_x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

345232-56-0x0000000000400000-0x0000000000420000-memory.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

345232-56-0x0000000000400000-0x0000000000420000-memory.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

General

Target

345232-56-0x0000000000400000-0x0000000000420000-memory.dmp
Size

128KB
MD5

4390a33978939a14717ec675a4121b5b
SHA1

642f9334a1f50d6a81291ab0725fea3392a38d07
SHA256

f468faba9cd34657e3749acea52a58dced4e06548892e54997a28e3b9aeb5d6c
SHA512

361f744cb03046f28c4db034301afcce02e06a55dad0c2d20dce3cf0363bfe1064da99e22e1a43c7cafac93d4d64c9e553ed5ebdc01e06fddfdf90e7fc5accec
SSDEEP

3072:ncmd9iLwLljLZ0XVY/iwr56fl/IOSBXV9:W+JqJST

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Files

345232-56-0x0000000000400000-0x0000000000420000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1024B - Virtual size: 609B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy