redline | tmp | Triage

Submit
Reports

Overview

overview

Static

static

tmp.exe

windows7-x64

tmp.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

reallygangsta redline

1 signatures

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20220901-en

redline reallygangsta discovery infostealer spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20220812-en

redline reallygangsta discovery infostealer spyware stealer

windows10-2004-x64

6 signatures

150 seconds

General

Target

tmp
Size

90KB
MD5

5c83a177ea263d1eb8683ef08adfd5cb
SHA1

bb8e4a5af338df7786ee6b15fe693b0cd6a61286
SHA256

744571209b4bbdf25857472d8b38278a3b47b7cc3e7edcfced44437bd6535624
SHA512

f78832a67f72e5fd6af80b9d3cbfa44e6a2ad1216a57e831244edd717c421c62442283c9a8977fc57f73803405ab176317bef1c85af0bd5214907709c541e0f9
SSDEEP

1536:+PqUPY5oyWjddJg3d3ubDd4ye2DNeDNXNDqDNaiuBjyC4DN1DvyDNPqAJ7WJiq8c:5ruZehOqJi4BjhXbdyIo

Score

10^/10

reallygangsta redline

Malware Config

Extracted

Family

redline

Botnet

ReallyGangsta

C2

188.34.161.100:17182

Attributes

auth_value
719e113cc351f014066afd9ff2b6ca62

Signatures

Redline family
redline

Files

tmp
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy