redline | 684-58-0x0000000000070000-0x000000000008C000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

684-58-0x0...ry.exe

windows7-x64

684-58-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

lyla.11.09 redline

1 signatures

Behavioral task

behavioral1

Sample

684-58-0x0000000000070000-0x000000000008C000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

684-58-0x0000000000070000-0x000000000008C000-memory.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

684-58-0x0000000000070000-0x000000000008C000-memory.dmp
Size

112KB
MD5

ffd37d94cc5fb9abf1eec4f45a37f935
SHA1

49caa58f40fb92478801564979e223464cedcd3a
SHA256

1565a26ed0074e9d6cad99be0813291fa1d4619192232f887643b8e66a07bbd6
SHA512

6e10542d0405b1e8f5359402f7c0c8e49cd00f68ba567aa57d0282def86d9c5d8769ddf351d76e5efcc0b8a84bf014e5f992da585a047c8a1eb41424648e41ea
SSDEEP

1536:uPqUPY5gyWjddJg3ZnubDNtieWDN+DNwNDaDNKiuRjyCYDN1jviDNPaQJ72oPMlC:J/u+eqOaJiJlyb3yCWLI

Score

10^/10

lyla.11.09 redline

Malware Config

Extracted

Family

redline

Botnet

Lyla.11.09

C2

185.215.113.216:21921

Attributes

auth_value
a1e5192e588aa983d678ceb4d6e0d8b5

Signatures

Redline family
redline

Files

684-58-0x0000000000070000-0x000000000008C000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy