redline | 5e7ddc43966d53ef7709703c87674c6c[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e7ddc43966d53ef7709703c87674c6c.exe
Size

95KB
MD5

5e7ddc43966d53ef7709703c87674c6c
SHA1

21029c51575a2cdcf256fee68baf5e22d0e553c6
SHA256

bdcfe3b4e91f0cf6c5e0bdf9b115b2c2f74414ccaa616d345c24c15ee3455074
SHA512

e228824e96ce37274aebf6748e929dce99fa61fbb9ad81e9b4d20d842311fa32ff4b17a341552fa997a101cc2a53acedf8b428f4b734f049d7ae4ba4015bf5c2
SSDEEP

1536:xqsK1tqzClbG6jejoigIr43Ywzi0Zb78ivombfexv0ujXyyed2D3tmulgS6pk:f2tAyYr+zi0ZbYe1g0ujyzdTk

Score

10^/10

redline

Malware Config

Signatures

RedLine payload 1 IoCs

resource	yara_rule
sample	family_redline

Redline family
redline

Files

5e7ddc43966d53ef7709703c87674c6c.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ