redline | 7e032138b9e7ddc0e4642b3ee42a373fdff575a2a42fef8204c47f0c1a445f86 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7e032138b9e7ddc0e4642b3ee42a373fdff575a2a42fef8204c47f0c1a445f86.exe

Resource

win10-20220812-en

redline bot discovery infostealer spyware stealer

windows10-1703-x64

6 signatures

150 seconds

General

Target

7e032138b9e7ddc0e4642b3ee42a373fdff575a2a42fef8204c47f0c1a445f86
Size

114KB
MD5

9903088be4e00d4c6020f85c049869dc
SHA1

5c7fbf5fbf256f858297bcc38a9df8d597377cb9
SHA256

7e032138b9e7ddc0e4642b3ee42a373fdff575a2a42fef8204c47f0c1a445f86
SHA512

6f6f5269a38b1f6147f917b095f0e621860702c283643b3cc486499c8c61a799789e44cf31763b6cf7c2e7af61d09d967d9b9e01250fa2a1949aaa7ee6524c61
SSDEEP

1536:rK6DS0wmpHEkMW2nzfPfqQklJXs7MmmwoItEQop08vrLM8buOfMoICLe0wuei6k0:mkvpHEk7SaF2oItrop9P/Godah20

Score

10^/10

bot redline

Malware Config

Extracted

Family

redline

Botnet

Bot

C2

103.173.226.188:19733

Attributes

auth_value
bd44af08de57612871a5de0c3c534b39

Signatures

Redline family
redline

Files

7e032138b9e7ddc0e4642b3ee42a373fdff575a2a42fef8204c47f0c1a445f86
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy